1. 22 Jan, 2019 1 commit
  2. 01 Dec, 2018 1 commit
  3. 25 Oct, 2018 2 commits
    • tag: fix out of bounds read when searching for tag message · ee11d47e
      When parsing tags, we skip all unknown fields that appear before the tag
      message. This skipping is done by using a plain `strstr(buffer, "\n\n")`
      to search for the two newlines that separate tag fields from tag
      message. As it is not possible to supply a buffer length to `strstr`,
      this call may skip over the buffer's end and thus result in an out of
      bounds read. As `strstr` may return a pointer that is out of bounds, the
      following computation of `buffer_end - buffer` will overflow and result
      in an allocation of an invalid length.
      
      Fix the issue by using `git__memmem` instead. Add a test that verifies
      parsing the tag fails not due to the allocation failure but due to the
      tag having no message.
      Patrick Steinhardt committed
    • tests: add tests that exercise tag parsing · 4c738e56
      While the tests in object::tag::read exercises reading and parsing valid
      tags from the ODB, they barely try to verify that the parser fails in a
      sane way when parsing invalid tags. Create a new test suite
      object::tag::parse that directly exercise the parser by using
      `git_object__from_raw` and add various tests for valid and invalid tags.
      Patrick Steinhardt committed
  4. 13 Jul, 2018 1 commit
    • treewide: remove use of C++ style comments · 9994cd3f
      C++ style comment ("//") are not specified by the ISO C90 standard and
      thus do not conform to it. While libgit2 aims to conform to C90, we did
      not enforce it until now, which is why quite a lot of these
      non-conforming comments have snuck into our codebase. Do a tree-wide
      conversion of all C++ style comments to the supported C style comments
      to allow us enforcing strict C90 compliance in a later commit.
      Patrick Steinhardt committed
  5. 25 Apr, 2016 1 commit
  6. 14 Nov, 2013 1 commit