- 19 Oct, 2019 1 commit
-
-
It's currently possible to have patches with multiple old path name headers. As we didn't check for this case, this resulted in a memory leak when overwriting the old old path with the new old path because we simply discarded the old pointer. Instead of fixing this by free'ing the old pointer, we should reject such patches altogether. It doesn't make any sense for the "---" or "+++" markers to occur multiple times within a patch n the first place. This also implicitly fixes the memory leak.
Patrick Steinhardt committed
-
- 18 Oct, 2019 1 commit
-
-
fuzzers: add a new fuzzer for patch parsing
Patrick Steinhardt committed
-
- 17 Oct, 2019 8 commits
-
-
I was looking at this code anyway because the sr.ht people nerdsniped me, and it gave me that "I should fuzz this" feeling. So have a fuzzer!
Augie Fackler committed -
patch_parse: handle patches without extended headers
Patrick Steinhardt committed -
Provide a wrapper for simple submodule clone steps
Patrick Steinhardt committed -
Add two more tests that verify our behaviour in some edge cases, notably when cloning into a non-empty directory and when cloning the same submodule twice.
Patrick Steinhardt committed -
The test submodule::add::submodule_clone doesn't use a sandbox, and thus the created repo will not get deleted after the test has finished. Convert the test to use the empty standard repo sandbox instead to fix this.
Patrick Steinhardt committed -
The test submodule::add::homemade_clone unfortunately doesn't test what's expected, but does instead clone the submodule to a directory that is outside of the parent repository. Fixing this by cloning to the correct location isn't possible, though, as `git_submodule_add_setup` will have pre-created a ".git" file already, which will cause `git_clone` to error out. As it's not possible to perform the clone without fiddling around with the repo's layout, let's just remove this test as that is in fact what the new `git_submodule_clone` function is for.
Patrick Steinhardt committed -
Etienne Samson committed
-
macOS GSS Support
Patrick Steinhardt committed
-
- 16 Oct, 2019 2 commits
-
-
Extended header lines (especially the "index <hash>..<hash> <mode>") are not required by "git apply" so it import patches. So we allow the from-file/to-file lines (--- a/file\n+++ b/file) to directly follow the git diff header. This fixes #5267.
Denis Laxalde committed -
cmake: correct the link stanza for CoreFoundation
Edward Thomson committed
-
- 13 Oct, 2019 5 commits
-
-
LIBRARIES is the (absolute?) path to the library. LDFLAGS is the full linker stanza to correctly link with this lib. By passing LIBRARIES as LIBGIT_LIBS, the linker ends up with the absolute path for the SDK'ed version of CoreFoundation (which doesn't exist), instead of the familiar `-framework CoreFoundation`.
Etienne Samson committed -
Etienne Samson committed
-
Etienne Samson committed
-
Etienne Samson committed
-
Etienne Samson committed
-
- 11 Oct, 2019 2 commits
-
-
Fix file locking on POSIX OS
Patrick Steinhardt committed -
cmake: update minimum CMake version to v3.5.1
Patrick Steinhardt committed
-
- 10 Oct, 2019 3 commits
-
-
The flag GIT_FILEBUF_FORCE currently does two things: 1. It will cause the filebuf to create non-existing leading directories for the file that is about to be written. 2. It will forcibly remove any pre-existing locks. While most call sites actually do want (1), they do not want to remove pre-existing locks, as that renders the locking mechanisms effectively useless. Introduce a new flag `GIT_FILEBUF_CREATE_LEADING_DIRS` to separate both behaviours cleanly from each other and convert callers to use it instead of `GIT_FILEBUF_FORCE` to have them honor locked files correctly. As this conversion removes all current users of `GIT_FILEBUF_FORCE`, this commit removes the flag altogether.
Sebastian Henke committed -
patch_parse: handle patches with new empty files
Patrick Steinhardt committed -
Back in commit cf9f3452 (cmake: bump minimum version to 2.8.11, 2017-09-06), we have bumped the minimum CMake version to require at least v2.8.11. The main hold-backs back then were distributions like RHEL/CentOS as well as Ubuntu Trusty, which caused us to not target a more modern version. Nowadays, Ubuntu Trusty has been EOL'd and CentOS 6 has CMake v3.6.1 available via the EPEL6 repository, and thus it seems fair to upgrade to a more recent version. Going through repology [1], one can see that all supported mainstream distributions do in fact have CMake 3 available. Going through the list, the minimum version that is supported by all mainstream distros is in fact v3.5.1: - CentOS 6 via EPEL6: 3.6.1 - Debian Oldstable: 3.7.2 - Fedora 26: 3.8.2 - OpenMandriva 3.x: 3.5.1 - Slackware 14.2: 3.5.2 - Ubuntu 16.04: 3.5.1 Consequentally, let's upgrade CMake to the minimum version of 3.5.1 and remove all the version CMake checks that aren't required anymore. [1]: https://repology.org/project/cmake/versions
Patrick Steinhardt committed
-
- 03 Oct, 2019 4 commits
-
-
DRY commit parsing
Patrick Steinhardt committed -
The commit list's in- and out-degrees are currently stored as `unsigned short`. When assigning it the value of `git_array_size`, which returns an `size_t`, this generates a warning on some Win32 platforms due to loosing precision. We could just cast the returned value of `git_array_size`, which would work fine for 99.99% of all cases as commits typically have less than 2^16 parents. For crafted commits though we might end up with a wrong value, and thus we should definitely check whether the array size actually fits into the field. To ease the check, let's convert the fields to store the degrees as `uint16_t`. We shouldn't rely on such unspecific types anyway, as it may lead to different behaviour across platforms. Furthermore, this commit introduces a new `git__is_uint16` function to check whether it actually fits -- if not, we return an error.
Patrick Steinhardt committed -
Etienne Samson committed
-
This allows us to pick which data from a commit we're interested in. This will be used by the revwalk code, which is only interested in parents' and committer data.
Etienne Samson committed
-
- 28 Sep, 2019 3 commits
-
-
azure: avoid building and testing in Docker as root
Edward Thomson committed -
regexp: implement a new regular expression API
Edward Thomson committed -
Patches containing additions of empty files will not contain diff data but will end with the index header line followed by the terminating sequence "-- ". We follow the same logic as in cc4c44a9 and allow "-- " to immediately follow the index header.
Denis Laxalde committed
-
- 27 Sep, 2019 1 commit
-
-
git_refdb API fixes
Patrick Steinhardt committed
-
- 26 Sep, 2019 2 commits
-
-
Don't use enum for flags
Patrick Steinhardt committed -
Using an `enum` causes trouble when used with C++ as bitwise operations are not possible w/o casting (e.g., `opts.flags &= ~GIT_BLOB_FILTER_CHECK_FOR_BINARY;` is invalid as there is no `&=` operator for `enum`). Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed
-
- 21 Sep, 2019 8 commits
-
-
Right now, all tests in libgit2's CI are being executed as root user. As libgit2 will usually not run as a root user in "normal" usecases and furthermore as there are tests that rely on the ability to _not_ be able to create certain paths, let's instead create an unprivileged user "libgit2" and use that across all docker images.
Patrick Steinhardt committed -
valgrind: suppress memory leaks in libssh2_session_handshake
Patrick Steinhardt committed -
On Ubuntu, the combination of libgcrypt and libssh2 is quite old and known to contain memory leaks. We thus have several functions listed in our suppressions file that are known to leak. Due to a recent update of libssh2 or libgcrypt, there now are new memory leaks caused by libssh2_session_handshake and libssh2_init that cause the CI to fail. Add a new suppression to fix the issue.
Patrick Steinhardt committed -
buffer: fix writes into out-of-memory buffers
Edward Thomson committed -
The old POSIX regex wrappers have been superseded by our own regexp API that provides a higher-level abstraction. Remove the POSIX wrappers in favor of the new one.
Patrick Steinhardt committed -
The old POSIX regex API has been superseded by our new regexp API. Convert all users to make use of the new one.
Patrick Steinhardt committed -
We currently support a set of different regular expression backends with PCRE, PCRE2, regcomp(3P) and regcomp_l(3). The current implementation of this is done via a simple POSIX wrapper that either directly uses supplied functions or that is a very small wrapper. To support PCRE and PCRE2, we use their provided <pcreposix.h> and <pcre2posix.h> wrappers. These wrappers are implemented in such a way that the accompanying libraries pcre-posix and pcre2-posix provide the same symbols as the libc ones, namely regcomp(3P) et al. This works out on some systems just fine, most importantly on glibc-based ones, where the regular expression functions are implemented as weak aliases and thus get overridden by linking in the pcre{,2}-posix library. On other systems we depend on the linking order of libc and pcre library, and as libc always comes first we will end up with the functions of the libc implementation. As a result, we may use the structures `regex_t` and `regmatch_t` declared by <pcre{,2}posix.h>, but use functions defined by the libc, leading to segfaults. The issue is not easily solvable. Somed distributions like Debian have resolved this by patching PCRE and PCRE2 to carry custom prefixes to all the POSIX function wrappers. But this is not supported by upstream and thus inherently unportable between distributions. We could instead try to modify linking order, but this starts becoming fragile and will not work e.g. when libgit2 is loaded via dlopen(3P) or similar ways. In the end, this means that we simply cannot use the POSIX wrappers provided by the PCRE libraries at all. Thus, this commit introduces a new regular expression API. The new API is on a tad higher level than the previous POSIX abstraction layer, as it tries to abstract away any non-portable flags like e.g. REG_EXTENDED, which has no equivalents in all of our supported backends. As there are no users of POSIX regular expressions that do _not_ reguest REG_EXTENDED this is fine to be abstracted away, though. Due to the API being higher-level than before, it should generally be a tad easier to use than the previous one. Note: ideally, the new API would've been called `git_regex_foobar` with a file "regex.h" and "regex.c". Unfortunately, this is currently impossible to implement due to naming clashes between the then-existing "regex.h" and <regex.h> provided by the libc. As we add the source directory of libgit2 to the header search path, an include of <regex.h> would always find our own "regex.h". Thus, we have to take the bitter pill of adding one more character to all the functions to disambiguate the includes. To improve guarantees around cross-backend compatibility, this commit also brings along an improved regular expression test suite core::regexp.
Patrick Steinhardt committed -
Before printing into a `git_buf` structure, we always call `ENSURE_SIZE` first. This macro will reallocate the buffer as-needed depending on whether the current amount of allocated bytes is sufficient or not. If `asize` is big enough, then it will just do nothing, otherwise it will call out to `git_buf_try_grow`. But in fact, it is insufficient to only check `asize`. When we fail to allocate any more bytes e.g. via `git_buf_try_grow`, then we set the buffer's pointer to `git_buf__oom`. Note that we touch neither `asize` nor `size`. So if we just check `asize > targetsize`, then we will happily let the caller of `ENSURE_SIZE` proceed with an out-of-memory buffer. As a result, we will print all bytes into the out-of-memory buffer instead, resulting in an out-of-bounds write. Fix the issue by having `ENSURE_SIZE` verify that the buffer is not marked as OOM. Add a test to verify that we're not writing into the OOM buffer.
Patrick Steinhardt committed
-