- 12 Oct, 2018 32 commits
-
-
(cherry picked from commit 24b8dd82)
Edward Thomson committed -
(cherry picked from commit 465f8b51)
Edward Thomson committed -
(cherry picked from commit f7bb4ff8)
Edward Thomson committed -
(cherry picked from commit 6fb63c92)
Patrick Steinhardt committed -
(cherry picked from commit dc6e80e2)
Patrick Steinhardt committed -
The leaks process is not good about handling children. Ensure that its child is `nohup`ed so that the grandparent shell won't wait for it to exit. (cherry picked from commit 6eb97b6b)
Edward Thomson committed -
(cherry picked from commit 230eeda8)
Edward Thomson committed -
(cherry picked from commit b00672b9)
Edward Thomson committed -
(cherry picked from commit afecd15c)
Edward Thomson committed -
(cherry picked from commit 7f12c123)
Edward Thomson committed -
On Linux (where we run valgrind) allocate a smaller buffer, but still an insanely large size. This will cause malloc to fail but will not cause valgrind to report a likely error with a negative-sized malloc. Keep the original buffer size on non-Linux platforms: this is well-tested on them and changing it may be problematic. On macOS, for example, using the new size causes `malloc` to print a warning to stderr. (cherry picked from commit 219512e7)
Edward Thomson committed -
(cherry picked from commit 6d6700d2)
Patrick Steinhardt committed -
(cherry picked from commit 67f5304f)
Edward Thomson committed -
(cherry picked from commit 9e588060)
Edward Thomson committed -
Script to set up dependencies on a macOS build system. (cherry picked from commit 87342404)
Edward Thomson committed -
Sets up a linux host to prepare for a build. (cherry picked from commit 5bb2087b)
Edward Thomson committed -
Refactor citest.sh to enable local testing by developers. (cherry picked from commit 451b0017)
Edward Thomson committed -
(cherry picked from commit bf418f09)
Edward Thomson committed -
Add citest.ps1 PowerShell script to run the tests. (cherry picked from commit e2cc5b6d)
Edward Thomson committed -
(cherry picked from commit 3b6281fa)
Edward Thomson committed -
Simplify the names for the tests, removing the unnecessary "libgit2-clar" prefix. Make "all" the new default test run, and include the online tests by default (since HTTPS should always be enabled). For the CI tests, create an offline-only test, then the various online tests. (cherry picked from commit ce798b25)
Edward Thomson committed -
(cherry picked from commit 61eaaadf)
Etienne Samson committed -
(cherry picked from commit 149790b9)
Etienne Samson committed -
(cherry picked from commit 4c969618)
Etienne Samson committed -
(cherry picked from commit 0fb8c1d0)
Etienne Samson committed -
The goal is to let cmake manage the parallelism (cherry picked from commit 1f4ada2a)
Etienne Samson committed -
==17851== Invalid free() / delete / delete[] / realloc() ==17851== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==17851== by 0x60BBE2B: __libc_freeres (in /lib/x86_64-linux-gnu/libc-2.19.so) ==17851== by 0x4A256BC: _vgnU_freeres (in /usr/lib/valgrind/vgpreload_core-amd64-linux.so) ==17851== by 0x5F8F16A: __run_exit_handlers (exit.c:97) ==17851== by 0x5F8F1F4: exit (exit.c:104) ==17851== by 0x5F74F4B: (below main) (libc-start.c:321) ==17851== Address 0x63153c0 is 0 bytes inside data symbol "noai6ai_cached" (cherry picked from commit 234443e3)
Etienne Samson committed -
==2957== 912 bytes in 19 blocks are still reachable in loss record 323 of 369 ==2957== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2957== by 0x675B120: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675BDF8: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675FE0D: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x6761DC4: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x676477E: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675B071: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675B544: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675914B: gcry_control (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x5D30EC9: libssh2_init (in /usr/lib/x86_64-linux-gnu/libssh2.so.1.0.1) ==2957== by 0x66BCCD: git_transport_ssh_global_init (ssh.c:910) ==2957== by 0x616443: init_common (global.c:65) (cherry picked from commit dd75885a)
Etienne Samson committed -
(cherry picked from commit 573c4089)
Etienne Samson committed -
==18109== 664 bytes in 1 blocks are still reachable in loss record 279 of 339 ==18109== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==18109== by 0x675B120: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x675C13C: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x675C296: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x679BD14: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x679CC64: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x6A64946: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6) ==18109== by 0x6A116E8: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6) ==18109== by 0x6A01114: gnutls_global_init (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6) ==18109== by 0x52A6C78: ??? (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0) ==18109== by 0x5285ADC: curl_global_init (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0) ==18109== by 0x663524: git_curl_stream_global_init (curl.c:44) (cherry picked from commit c0c9e9ee)
Etienne Samson committed -
(cherry picked from commit 74b0a432)
Etienne Samson committed -
(cherry picked from commit 2f4e7cb0)
Etienne Samson committed
-
- 05 Oct, 2018 7 commits
-
-
Security release v0.27.5
Patrick Steinhardt committed -
Patrick Steinhardt committed
-
Patrick Steinhardt committed
-
These can be used to inject options in an implementation which performs a recursive clone by executing an external command via crafted url and path attributes such that it triggers a local executable to be run. The library is not vulnerable as we do not rely on external executables but a user of the library might be relying on that so we add this protection. This matches this aspect of git's fix for CVE-2018-17456.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
In case a configuration includes a key "include.path=" without any value, the generated configuration entry will have its value set to `NULL`. This is unexpected by the logic handling includes, and as soon as we try to calculate the included path we will unconditionally dereference that `NULL` pointer and thus segfault. Fix the issue by returning early in both `parse_include` and `parse_conditional_include` in case where the `file` argument is `NULL`. Add a test to avoid future regression. The issue has been found by the oss-fuzz project, issue 10810. (cherry picked from commit d06d4220)
Patrick Steinhardt committed -
While our tests in config::include create a plethora of configuration files, most of them do not get removed at the end of each test. This can cause weird interactions with tests that are being run at a later stage if these later tests try to create files or directories with the same name as any of the created configuration files. Fix the issue by unlinking all created files at the end of these tests. (cherry picked from commit bf662f7c)
Patrick Steinhardt committed
-
- 03 Oct, 2018 1 commit
-
-
Right now, we simply ignore the `linelen` parameter of `git_pkt_parse_line` in case the caller passed in zero. But in fact, we never want to assume anything about the provided buffer length and always want the caller to pass in the available number of bytes. And in fact, checking all the callers, one can see that the funciton is never being called in case where the buffer length is zero, and thus we are safe to remove this check. (cherry picked from commit 1bc5b05c)
Patrick Steinhardt committed
-
