- 12 Jan, 2017 1 commit
-
-
Patrick Steinhardt committed
-
- 11 Jan, 2017 1 commit
-
-
fix examples/network/clone.c: heap-buffer-overflow
Edward Thomson committed
-
- 09 Jan, 2017 5 commits
-
-
Carlos Martín Nieto committed
-
security updates for v0.25
Carlos Martín Nieto committed -
None of our crypto backends actually reject RC4 as a cipher so don't test for it and instead keep it as something we'd like to do.
Carlos Martín Nieto committed -
We must make sure that we're getting a certificate error from the library so we know that we're testing the right thing.
Carlos Martín Nieto committed -
Format of a length of string to the correct format is:%.*s
Force.Charlie-I committed
-
- 06 Jan, 2017 8 commits
-
-
Edward Thomson committed
-
Edward Thomson committed
-
The Git protocol does not specify what should happen in the case of an empty packet line (that is a packet line "0004"). We currently indicate success, but do not return a packet in the case where we hit an empty line. The smart protocol was not prepared to handle such packets in all cases, though, resulting in a `NULL` pointer dereference. Fix the issue by returning an error instead. As such kind of packets is not even specified by upstream, this is the right thing to do.
Patrick Steinhardt committed -
Each packet line in the Git protocol is prefixed by a four-byte length of how much data will follow, which we parse in `git_pkt_parse_line`. The transmitted length can either be equal to zero in case of a flush packet or has to be at least of length four, as it also includes the encoded length itself. Not checking this may result in a buffer overflow as we directly pass the length to functions which accept a `size_t` length as parameter. Fix the issue by verifying that non-flush packets have at least a length of `PKT_LEN_SIZE`.
Patrick Steinhardt committed -
Edward Thomson committed
-
Make sure that the callbacks do also get a 'valid' value of zero when the certificate we're looking at is in valid and assert that within the test.
Carlos Martín Nieto committed -
Etienne Samson committed
-
Mention field addition in breaking API changes
Edward Thomson committed
-
- 03 Jan, 2017 2 commits
-
-
Simon Byrne committed
-
Simon Byrne committed
-
- 31 Dec, 2016 2 commits
-
-
Allow Windows with WinHTTP to use external http-parser
Edward Thomson committed -
Elliot Saba committed
-
- 30 Dec, 2016 2 commits
-
-
Fix issue #4046 Seg fault in config_files()
Edward Thomson committed -
Fix BIO_* functions method linking when compiled with libressl (OpenBSD).
Edward Thomson committed
-
- 29 Dec, 2016 3 commits
-
-
Douglas Swanson committed
-
rebase: check the result code of rebase_init_merge
Edward Thomson committed -
Jacques Germishuys committed
-
- 27 Dec, 2016 1 commit
-
-
mempack: set the odb backend version
Edward Thomson committed
-
- 25 Dec, 2016 1 commit
-
-
Jacques Germishuys committed
-
- 24 Dec, 2016 1 commit
-
- 20 Dec, 2016 6 commits
-
-
Documentation fixes
Carlos Martín Nieto committed -
http: bump the pretend git version in the User-Agent
Edward Thomson committed -
We want to keep the git UA in order for services to recognise that we're a Git client and not a browser. But in order to stop dumb HTTP some services have blocked UAs that claim to be pre-1.6.6 git. Thread these needles by using the "git/2.0" prefix which is still close enough to git's yet distinct enough that you can tell it's us.
Carlos Martín Nieto committed -
sysdir: don't re-guess when using variable substitution
Edward Thomson committed -
Don't hard-code HTTPS cap & clarify the meanings of the features enum
Edward Thomson committed -
README: be more explicit in the goals and scope
Carlos Martín Nieto committed
-
- 19 Dec, 2016 6 commits
-
-
Gift deprecated in favor of SwiftGit2
Carlos Martín Nieto committed -
refdb: bubble up recursive rm when locking a ref
Carlos Martín Nieto committed -
pack: dereference cached pack entry on error
Carlos Martín Nieto committed -
Lucas Derraugh committed
-
Fix off-by-one problems in git_signature__parse
Carlos Martín Nieto committed -
Make it clearer from the get-go that we do not aim to implement user-facing commands from the git tool.
Carlos Martín Nieto committed
-
- 18 Dec, 2016 1 commit
-
-
We should replace it with whatever the user set, not start again.
Carlos Martín Nieto committed
-