- 19 Mar, 2018 5 commits
-
-
Steven King Jr committed
-
Steven King Jr committed
-
Steven King Jr committed
-
online::clone: skip creds fallback test
Edward Thomson committed -
At present, we have three online tests against bitbucket: one which specifies the credentials in the payload, one which specifies the correct credentials in the URL and a final one that specifies the incorrect credentials in the URL. Bitbucket has begun responding to the latter test with a 403, which causes us to fail. Break these three tests into separate tests so that we can skip the latter until this is resolved on Bitbucket's end or until we can change the test to a different provider.
Edward Thomson committed
-
- 13 Mar, 2018 1 commit
-
-
pathspec: improve git_pathspec_flag_t doc rendering
Patrick Steinhardt committed
-
- 12 Mar, 2018 2 commits
-
-
Index parsing fixes
Edward Thomson committed -
config: specify how we match the regular expressions
Edward Thomson committed
-
- 11 Mar, 2018 1 commit
-
-
Carlos Martín Nieto committed
-
- 10 Mar, 2018 3 commits
-
-
When computing the complete path length from the encoded prefix-compressed path, we end up just allocating the complete path without ever checking what the encoded path length actually is. This can easily lead to a denial of service by just encoding an unreasonable long path name inside of the index. Git already enforces a maximum path length of 4096 bytes. As we also have that enforcement ready in some places, just make sure that the resulting path is smaller than GIT_PATH_MAX. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
Patrick Steinhardt committed -
The index format in version 4 has prefix-compressed entries, where every index entry can compress its path by using a path prefix of the previous entry. Since implmenting support for this index format version in commit 5625d86b (index: support index v4, 2016-05-17), though, we do not correctly verify that the prefix length that we want to reuse is actually smaller or equal to the amount of characters than the length of the previous index entry's path. This can lead to a an integer underflow and subsequently to an out-of-bounds read. Fix this by verifying that the prefix is actually smaller than the previous entry's path length. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
Patrick Steinhardt committed -
The function `read_entry` does not conform to our usual coding style of returning stuff via the out parameter and to use the return value for reporting errors. Due to most of our code conforming to that pattern, it has become quite natural for us to actually return `-1` in case there is any error, which has also slipped in with commit 5625d86b (index: support index v4, 2016-05-17). As the function returns an `size_t` only, though, the return value is wrapped around, causing the caller of `read_tree` to continue with an invalid index entry. Ultimately, this can lead to a double-free. Improve code and fix the bug by converting the function to return the index entry size via an out parameter and only using the return value to indicate errors. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
Patrick Steinhardt committed
-
- 08 Mar, 2018 3 commits
-
-
Integer overflow
Patrick Steinhardt committed -
Jacques Germishuys committed
-
Jacques Germishuys committed
-
- 07 Mar, 2018 2 commits
-
-
deps: upgrade embedded zlib to version 1.2.11
Edward Thomson committed -
The current version of zlib bundled with libgit2 is version 1.2.8. This version has several CVEs assigned: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9840 Upgrade the bundled version to the current release 1.2.11, which has these vulnerabilities fixes.
Patrick Steinhardt committed
-
- 04 Mar, 2018 2 commits
-
-
CHANGELOG: mention the change to `git_odb_open_rstream`
Edward Thomson committed -
Worktree lock reason should be const
Edward Thomson committed
-
- 03 Mar, 2018 1 commit
-
-
Jacques Germishuys committed
-
- 02 Mar, 2018 2 commits
-
-
Jacques Germishuys committed
-
Carlos Martín Nieto committed
-
- 28 Feb, 2018 11 commits
-
-
Cast less blindly between configuration objects
Patrick Steinhardt committed -
curl: initialize and cleanup global curl state
Edward Thomson committed -
Instead of treating it as a no-op, treat it as a programming error and return the same kind of error as if you called to set or delete variables on a snapshot.
Carlos Martín Nieto committed -
tree: initialize the id we use for testing submodule insertions
Patrick Steinhardt committed -
win32: strncmp -> git__strncmp for win32 STDCALL
Patrick Steinhardt committed -
Our curl-based streams make use of the easy curl interface. This interface automatically initializes and de-initializes the global curl state by calling out to `curl_global_init` and `curl_global_cleanup`. Thus, all global state will be repeatedly re-initialized when creating multiple curl streams in succession. Despite being inefficient, this is not thread-safe due to `curl_global_init` being not thread-safe itself. Thus a multi-threaded programing handling multiple curl streams at the same time is inherently racy. Fix the issue by globally initializing and cleaning up curl's state.
Patrick Steinhardt committed -
The win32 C library is compiled cdecl, however when configured with `STDCALL=ON`, our functions (and function pointers) will use the stdcall calling convention. You cannot set a `__stdcall` function pointer to a `__cdecl` function, so it's easier to just use our `git__strncmp` instead of sorting that mess out.
Edward Thomson committed -
Instead of laving it uninitialized and relying on luck for it to be non-zero, let's give it a dummy hash so we make valgrind happy (in this case the hash comes from `sha1sum </dev/null`.
Carlos Martín Nieto committed -
When we create an iterator we don't actually know that we have a live config object and we must instead only rely on the header. We fixed it to use this in a previous commit, but this makes it harder to misuse by converting to use the header object in the typecast. We also guard inside the `config_refresh` function against being given a snapshot (although callers right now do check).
Carlos Martín Nieto committed -
We use it in a few places where we might have a full object or a snapshot so move it to where we can actually access it.
Carlos Martín Nieto committed -
We pass this around and when creating a new iterator we need to read the repository pointer. Put it in a common place so we can reach it regardless of whether we got a full object or a snapshot.
Carlos Martín Nieto committed
-
- 27 Feb, 2018 5 commits
-
-
Respect core.filemode in checkout
Edward Thomson committed -
winhttp: enable TLS 1.2
Edward Thomson committed -
Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default, though support may exist. Try to enable TLS 1.2 support explicitly on connections. This request may fail if the operating system does not have TLS 1.2 support - the initial release of Vista lacks TLS 1.2 support (though it is available as a software update) and XP completely lacks TLS 1.2 support. If this request does fail, the HTTP context is still valid, and still maintains the original protocol support. So we ignore the failure from this operation.
Edward Thomson committed -
For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.
Edward Thomson committed -
Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw. This updates both the `deps/winhttp` framework (for classic mingw) and adds the defines for mingw64, which does not use that framework.
Edward Thomson committed
-
- 25 Feb, 2018 2 commits
-
-
travis: use custom libssh2-1-dev package
Edward Thomson committed -
To avoid pull requests needing to rebase, keep the libssh2-1-dev package as the development package for libssh2. Reverting to the original Debian package structure.
Edward Thomson committed
-