- 18 Apr, 2022 1 commit
-
-
sha256: refactoring in preparation for sha256
Edward Thomson committed
-
- 12 Apr, 2022 7 commits
-
-
Validate repository directory ownership
Edward Thomson committed -
Introduce the `GIT_OPT_SET_OWNER_VALIDATION` option, so that users can disable repository ownership validation.
Edward Thomson committed -
Obey the `safe.directory` configuration variable if it is set in the global or system configuration. (Do not try to load this from the repository configuration - to avoid malicious repositories that then mark themselves as safe.)
Edward Thomson committed -
Pull the global configuration loader out of the symlink check so that it can be re-used.
Edward Thomson committed -
Test that we prevent opening directories that are not owned by ourselves.
Edward Thomson committed -
Provide a mock for file ownership for testability.
Edward Thomson committed -
Ensure that the repository directory is owned by the current user; this prevents us from opening configuration files that may have been created by an attacker.
Edward Thomson committed
-
- 11 Apr, 2022 1 commit
-
-
Provide individual file ownership checks for both the current user and the system user, as well as a combined current user and system user check.
Edward Thomson committed
-
- 10 Apr, 2022 17 commits
-
-
The indexer expects raw oid data, provide it.
Edward Thomson committed -
A multi-pack index uses raw oid data, use a byte array to index into them.
Edward Thomson committed -
The index contains entries with raw oid data, use a byte array for the raw entry data.
Edward Thomson committed -
A packfile contains arrays of raw oid data, use a byte array to index into them.
Edward Thomson committed -
The commit graph contains arrays of raw oid data, use a byte array to index into them.
Edward Thomson committed -
Now that oids are type-aware, they use their type to understand how many bytes to copy. Some callers may need to copy the raw bytes of the object id. This is equivalent to a memcpy that is a little more semantic.
Edward Thomson committed -
Edward Thomson committed
-
We will talk about "raw" oids as untyped blobs of data; use a name for the comparison function that is in keeping with that.
Edward Thomson committed -
Create an object id from raw data instead of casting.
Edward Thomson committed -
Don't write the object id structure, write its raw oid data.
Edward Thomson committed -
We explicitly want to write on the id data, not the beginning of the object data, which may contain other information in the future.
Edward Thomson committed -
We explicitly want to hash on the id data, not the beginning of the object data, which may contain other information in the future.
Edward Thomson committed -
Don't assume that a `git_oid` is a particular size; allocate `sizeof(git_oid)` instead.
Edward Thomson committed -
A tree entry previously pointed directly into the object id within the tree object itself; this is useful to avoid any unnecessary memory copy (and an unnecessary use of 40 bytes per tree entry) but difficult if we change the underlying `git_oid` object to not simply be a raw object id but have additional structure. This commit moves the `git_oid` directly into the tree entry; this simplifies the tree entry creation from user data. We now copy the `git_oid` into place when parsing.
Edward Thomson committed -
midx: Fix an undefined behavior (left-shift signed overflow)
Edward Thomson committed -
Fix crash when regenerating a patch with unquoted spaces in filename
Edward Thomson committed -
Edward Thomson committed
-
- 06 Apr, 2022 4 commits
-
-
tests: support flaky stat
Edward Thomson committed -
The 32-bit ARM QEMU builds are flaky when running `lstat`. Disable those testing `lstat`'s `st_size` temporarily.
Edward Thomson committed -
diff: don't stat empty file on arm32 (flaky test)
Edward Thomson committed -
sha256: support dynamically loaded openssl
Edward Thomson committed
-
- 05 Apr, 2022 1 commit
-
-
There was a missing check to ensure that the `off64_t` (which is a signed value) didn't overflow when parsing it from the midx file. This shouldn't have huge repercusions since the parsed value is immediately validated afterwards, but then again, there is no such thing as "benign" undefined behavior. This change makes all the bitwise arithmetic happen with unsigned types and is only casted to `off64_t` until the very end. Thanks to Taotao Gu for finding and reporting this!
lhchavez committed
-
- 04 Apr, 2022 3 commits
-
-
fetch: support OID refspec without dst
Edward Thomson committed -
Edward Thomson committed
-
Our CI test infrastructure virtualizes arm32 in docker, which is a sometimes imperfect situation. In `diff::workdir::can_diff_empty_file`, avoid the stat to ensure that the file is zero bytes; there is an odd issue running in qemu when emulating arm32 that we should skip.
Edward Thomson committed
-
- 23 Mar, 2022 6 commits
-
-
SHA256: add a SHA256 implementation backend
Edward Thomson committed -
gcc (mingw) warns when you cast the result of `GetProcAddress`; cast the results to `void *` before casting them to the actual result.
Edward Thomson committed -
When GIT_SHA1_WIN32 or GIT_SHA256_WIN32 is used, ensure that we test both CryptoNG ("cng") and CryptoAPI.
Edward Thomson committed -
Adding SHA256 support prompted an overdue refactoring of some of the unnecessary complexity around the CNG/CryptoAPI abstraction.
Edward Thomson committed -
Edward Thomson committed
-
Edward Thomson committed
-