- 21 Oct, 2019 1 commit
-
-
When the patch contains lines close to INT_MAX, then it may happen that we end up with an integer overflow when calculating the line of the current diff hunk. Reject such patches as unreasonable to avoid the integer overflow. As the calculation is performed on integers, we introduce two new helpers `git__add_int_overflow` and `git__sub_int_overflow` that perform the integer overflow check in a generic way.
Patrick Steinhardt committed
-
- 19 Oct, 2019 3 commits
-
-
We've got two locations where we copy lines into the patch. The first one is when copying normal " ", "-" or "+" lines, while the second location gets executed when we copy "\ No newline at end of file" lines. While the first one correctly uses `git__strndup` to copy only until the newline, the other one doesn't. Thus, if the line occurs at the end of the patch and if there is no terminating NUL character, then it may result in an out-of-bounds read. Fix the issue by using `git__strndup`, as was already done in the other location. Furthermore, add allocation checks to both locations to detect out-of-memory situations.
Patrick Steinhardt committed -
When parsing patch headers, we currently accept empty path names just fine, e.g. a line "--- \n" would be parsed as the empty filename. This is not a valid patch format and may cause `NULL` pointer accesses at a later place as `git_buf_detach` will return `NULL` in that case. Reject such patches as malformed with a nice error message.
Patrick Steinhardt committed -
It's currently possible to have patches with multiple old path name headers. As we didn't check for this case, this resulted in a memory leak when overwriting the old old path with the new old path because we simply discarded the old pointer. Instead of fixing this by free'ing the old pointer, we should reject such patches altogether. It doesn't make any sense for the "---" or "+++" markers to occur multiple times within a patch n the first place. This also implicitly fixes the memory leak.
Patrick Steinhardt committed
-
- 18 Oct, 2019 1 commit
-
-
fuzzers: add a new fuzzer for patch parsing
Patrick Steinhardt committed
-
- 17 Oct, 2019 8 commits
-
-
I was looking at this code anyway because the sr.ht people nerdsniped me, and it gave me that "I should fuzz this" feeling. So have a fuzzer!
Augie Fackler committed -
patch_parse: handle patches without extended headers
Patrick Steinhardt committed -
Provide a wrapper for simple submodule clone steps
Patrick Steinhardt committed -
Add two more tests that verify our behaviour in some edge cases, notably when cloning into a non-empty directory and when cloning the same submodule twice.
Patrick Steinhardt committed -
The test submodule::add::submodule_clone doesn't use a sandbox, and thus the created repo will not get deleted after the test has finished. Convert the test to use the empty standard repo sandbox instead to fix this.
Patrick Steinhardt committed -
The test submodule::add::homemade_clone unfortunately doesn't test what's expected, but does instead clone the submodule to a directory that is outside of the parent repository. Fixing this by cloning to the correct location isn't possible, though, as `git_submodule_add_setup` will have pre-created a ".git" file already, which will cause `git_clone` to error out. As it's not possible to perform the clone without fiddling around with the repo's layout, let's just remove this test as that is in fact what the new `git_submodule_clone` function is for.
Patrick Steinhardt committed -
Etienne Samson committed
-
macOS GSS Support
Patrick Steinhardt committed
-
- 16 Oct, 2019 2 commits
-
-
Extended header lines (especially the "index <hash>..<hash> <mode>") are not required by "git apply" so it import patches. So we allow the from-file/to-file lines (--- a/file\n+++ b/file) to directly follow the git diff header. This fixes #5267.
Denis Laxalde committed -
cmake: correct the link stanza for CoreFoundation
Edward Thomson committed
-
- 13 Oct, 2019 5 commits
-
-
LIBRARIES is the (absolute?) path to the library. LDFLAGS is the full linker stanza to correctly link with this lib. By passing LIBRARIES as LIBGIT_LIBS, the linker ends up with the absolute path for the SDK'ed version of CoreFoundation (which doesn't exist), instead of the familiar `-framework CoreFoundation`.
Etienne Samson committed -
Etienne Samson committed
-
Etienne Samson committed
-
Etienne Samson committed
-
Etienne Samson committed
-
- 11 Oct, 2019 2 commits
-
-
Fix file locking on POSIX OS
Patrick Steinhardt committed -
cmake: update minimum CMake version to v3.5.1
Patrick Steinhardt committed
-
- 10 Oct, 2019 3 commits
-
-
The flag GIT_FILEBUF_FORCE currently does two things: 1. It will cause the filebuf to create non-existing leading directories for the file that is about to be written. 2. It will forcibly remove any pre-existing locks. While most call sites actually do want (1), they do not want to remove pre-existing locks, as that renders the locking mechanisms effectively useless. Introduce a new flag `GIT_FILEBUF_CREATE_LEADING_DIRS` to separate both behaviours cleanly from each other and convert callers to use it instead of `GIT_FILEBUF_FORCE` to have them honor locked files correctly. As this conversion removes all current users of `GIT_FILEBUF_FORCE`, this commit removes the flag altogether.
Sebastian Henke committed -
patch_parse: handle patches with new empty files
Patrick Steinhardt committed -
Back in commit cf9f3452 (cmake: bump minimum version to 2.8.11, 2017-09-06), we have bumped the minimum CMake version to require at least v2.8.11. The main hold-backs back then were distributions like RHEL/CentOS as well as Ubuntu Trusty, which caused us to not target a more modern version. Nowadays, Ubuntu Trusty has been EOL'd and CentOS 6 has CMake v3.6.1 available via the EPEL6 repository, and thus it seems fair to upgrade to a more recent version. Going through repology [1], one can see that all supported mainstream distributions do in fact have CMake 3 available. Going through the list, the minimum version that is supported by all mainstream distros is in fact v3.5.1: - CentOS 6 via EPEL6: 3.6.1 - Debian Oldstable: 3.7.2 - Fedora 26: 3.8.2 - OpenMandriva 3.x: 3.5.1 - Slackware 14.2: 3.5.2 - Ubuntu 16.04: 3.5.1 Consequentally, let's upgrade CMake to the minimum version of 3.5.1 and remove all the version CMake checks that aren't required anymore. [1]: https://repology.org/project/cmake/versions
Patrick Steinhardt committed
-
- 03 Oct, 2019 4 commits
-
-
DRY commit parsing
Patrick Steinhardt committed -
The commit list's in- and out-degrees are currently stored as `unsigned short`. When assigning it the value of `git_array_size`, which returns an `size_t`, this generates a warning on some Win32 platforms due to loosing precision. We could just cast the returned value of `git_array_size`, which would work fine for 99.99% of all cases as commits typically have less than 2^16 parents. For crafted commits though we might end up with a wrong value, and thus we should definitely check whether the array size actually fits into the field. To ease the check, let's convert the fields to store the degrees as `uint16_t`. We shouldn't rely on such unspecific types anyway, as it may lead to different behaviour across platforms. Furthermore, this commit introduces a new `git__is_uint16` function to check whether it actually fits -- if not, we return an error.
Patrick Steinhardt committed -
Etienne Samson committed
-
This allows us to pick which data from a commit we're interested in. This will be used by the revwalk code, which is only interested in parents' and committer data.
Etienne Samson committed
-
- 28 Sep, 2019 3 commits
-
-
azure: avoid building and testing in Docker as root
Edward Thomson committed -
regexp: implement a new regular expression API
Edward Thomson committed -
Patches containing additions of empty files will not contain diff data but will end with the index header line followed by the terminating sequence "-- ". We follow the same logic as in cc4c44a9 and allow "-- " to immediately follow the index header.
Denis Laxalde committed
-
- 27 Sep, 2019 1 commit
-
-
git_refdb API fixes
Patrick Steinhardt committed
-
- 26 Sep, 2019 2 commits
-
-
Don't use enum for flags
Patrick Steinhardt committed -
Using an `enum` causes trouble when used with C++ as bitwise operations are not possible w/o casting (e.g., `opts.flags &= ~GIT_BLOB_FILTER_CHECK_FOR_BINARY;` is invalid as there is no `&=` operator for `enum`). Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed
-
- 21 Sep, 2019 5 commits
-
-
Right now, all tests in libgit2's CI are being executed as root user. As libgit2 will usually not run as a root user in "normal" usecases and furthermore as there are tests that rely on the ability to _not_ be able to create certain paths, let's instead create an unprivileged user "libgit2" and use that across all docker images.
Patrick Steinhardt committed -
valgrind: suppress memory leaks in libssh2_session_handshake
Patrick Steinhardt committed -
On Ubuntu, the combination of libgcrypt and libssh2 is quite old and known to contain memory leaks. We thus have several functions listed in our suppressions file that are known to leak. Due to a recent update of libssh2 or libgcrypt, there now are new memory leaks caused by libssh2_session_handshake and libssh2_init that cause the CI to fail. Add a new suppression to fix the issue.
Patrick Steinhardt committed -
buffer: fix writes into out-of-memory buffers
Edward Thomson committed -
The old POSIX regex wrappers have been superseded by our own regexp API that provides a higher-level abstraction. Remove the POSIX wrappers in favor of the new one.
Patrick Steinhardt committed
-