1. 03 Mar, 2017 1 commit
  2. 13 Feb, 2017 2 commits
    • commit: avoid possible use-after-free · ade0d9c6
      When extracting a commit's signature, we first free the object and only
      afterwards put its signature contents into the result buffer. This works
      in most cases - the free'd object will normally be cached anyway, so we
      only end up decrementing its reference count without actually freeing
      its contents. But in some more exotic setups, where caching is disabled,
      this can definitly be a problem, as we might be the only instance
      currently holding a reference to this object.
      
      Fix this issue by first extracting the contents and freeing the object
      afterwards only.
      Patrick Steinhardt committed
    • commit: clear user-provided buffers · dc851d9e
      The functions `git_commit_header_field` and
      `git_commit_extract_signature` both receive buffers used to hand back
      the results to the user. While these functions called `git_buf_sanitize`
      on these buffers, this is not the right thing to do, as it will simply
      initialize or zero-terminate passed buffers. As we want to overwrite
      contents, we instead have to call `git_buf_clear` to completely reset
      them.
      Patrick Steinhardt committed
  3. 29 Dec, 2016 1 commit
  4. 09 Oct, 2016 1 commit
    • commit: always initialize commit message · a719ef5e
      When parsing a commit, we will treat all bytes left after parsing
      the headers as the commit message. When no bytes are left, we
      leave the commit's message uninitialized. While uncommon to have
      a commit without message, this is the right behavior as Git
      unfortunately allows for empty commit messages.
      
      Given that this scenario is so uncommon, most programs acting on
      the commit message will never check if the message is actually
      set, which may lead to errors. To work around the error and not
      lay the burden of checking for empty commit messages to the
      developer, initialize the commit message with an empty string
      when no commit message is given.
      Patrick Steinhardt committed
  5. 01 Jun, 2016 1 commit
  6. 03 May, 2016 1 commit
  7. 23 Mar, 2016 1 commit
  8. 17 Mar, 2016 1 commit
  9. 15 Mar, 2016 1 commit
  10. 08 Mar, 2016 1 commit
  11. 28 Feb, 2016 1 commit
  12. 16 Feb, 2016 1 commit
  13. 11 Feb, 2016 1 commit
    • commit: don't forget the last header field · 460ae11f
      When we moved the logic to handle the first one, wrong loop logic was
      kept in place which meant we still finished early. But we now notice it
      because we're not reading past the last LF we find.
      
      This was not noticed before as the last field in the tested commit was
      multi-line which does not trigger the early break.
      Carlos Martín Nieto committed
  14. 09 Feb, 2016 2 commits
  15. 01 Dec, 2015 1 commit
    • commit: introduce `git_commit_body` · 7f8fe1d4
      It is already possible to get a commit's summary with the
      `git_commit_summary` function. It is not possible to get the
      remaining part of the commit message, that is the commit
      message's body.
      
      Fix this by introducing a new function `git_commit_body`.
      Patrick Steinhardt committed
  16. 03 Nov, 2015 1 commit
  17. 22 Jun, 2015 1 commit
  18. 11 Jun, 2015 1 commit
    • commit: ignore multiple author fields · 65d69fe8
      Some tools create multiple author fields. git is rather lax when parsing
      them, although fsck does complain about them. This means that they exist
      in the wild.
      
      As it's not too taxing to check for them, and there shouldn't be a
      noticeable slowdown when dealing with correct commits, add logic to skip
      over these extra fields when parsing the commit.
      Carlos Martín Nieto committed
  19. 03 Mar, 2015 1 commit
    • Remove the signature from ref-modifying functions · 659cf202
      The signature for the reflog is not something which changes
      dynamically. Almost all uses will be NULL, since we want for the
      repository's default identity to be used, making it noise.
      
      In order to allow for changing the identity, we instead provide
      git_repository_set_ident() and git_repository_ident() which allow a user
      to override the choice of signature.
      Carlos Martín Nieto committed
  20. 15 Feb, 2015 1 commit
  21. 27 Oct, 2014 1 commit
  22. 29 Apr, 2014 1 commit
    • commit: safer commit creation with reference update · 217c029b
      The current version of the commit creation and amend function are unsafe
      to use when passing the update_ref parameter, as they do not check that
      the reference at the moment of update points to what the user expects.
      
      Make sure that we're moving history forward when we ask the library to
      update the reference for us by checking that the first parent of the new
      commit is the current value of the reference. We also make sure that the
      ref we're updating hasn't moved between the read and the write.
      
      Similarly, when amending a commit, make sure that the current tip of the
      branch is the commit we're amending.
      Carlos Martín Nieto committed
  23. 07 Mar, 2014 1 commit
  24. 25 Feb, 2014 1 commit
  25. 08 Feb, 2014 1 commit
    • Add git_commit_amend API · 80c29fe9
      This adds an API to amend an existing commit, basically a shorthand
      for creating a new commit filling in missing parameters from the
      values of an existing commit.  As part of this, I also added a new
      "sys" API to create a commit using a callback to get the parents.
      This allowed me to rewrite all the other commit creation APIs so
      that temporary allocations are no longer needed.
      Russell Belfer committed
  26. 05 Feb, 2014 1 commit
    • commit: faster parsing · a6563619
      The current code issues a lot of strncmp() calls in order to check for
      the end of the header, simply in order to copy it and start going
      through it again. These are a lot of calls for something we can check as
      we go along. Knowing the amount of parents beforehand to reduce
      allocations in extreme cases does not make up for them.
      
      Instead start parsing immediately and check for the double-newline after
      each header field, leaving the raw_header allocation for the end, which
      lets us go through the header once and reduces the amount of strncmp()
      calls significantly.
      
      In unscientific testing, this has reduced a shortlog-like usage (walking
      though the whole history of a branch and extracting data from the
      commits) of git.git from ~830ms to ~700ms and makes the time we spend in
      strncmp() negligible.
      Carlos Martín Nieto committed
  27. 04 Feb, 2014 1 commit
  28. 25 Jan, 2014 1 commit
  29. 22 Jan, 2014 1 commit
  30. 15 Jan, 2014 1 commit
  31. 08 Dec, 2013 1 commit
  32. 02 Dec, 2013 1 commit
  33. 03 Oct, 2013 1 commit
  34. 30 Sep, 2013 1 commit
  35. 11 Jul, 2013 1 commit
  36. 10 Jul, 2013 2 commits
  37. 16 May, 2013 1 commit
    • Add cat-file example and increase const use in API · 58206c9a
      This adds an example implementation that emulates git cat-file.
      It is a convenient and relatively simple example of getting data
      out of a repository.
      
      Implementing this also revealed that there are a number of APIs
      that are still not using const pointers to objects that really
      ought to be.  The main cause of this is that `git_vector_bsearch`
      may need to call `git_vector_sort` before doing the search, so a
      const pointer to the vector is not allowed.  However, for tree
      objects, with a little care, we can ensure that the vector of
      tree entries is always sorted and allow lookups to take a const
      pointer.  Also, the missing const in commit objects just looks
      like an oversight.
      Russell Belfer committed