Given a path component it knows what to pass to the filesystem-specific
functions so we're protected even from trees which try to use the 8.3 naming
rules to get around us matching on the filename exactly.

The logic and test strings come from the equivalent git change.

It checks against the 8.3 shortname variants, including the one which includes
the checksum as part of its name.

This lets us check for other kinds of reserved files.

Otherwise we would also admit `..\..\foo\bar` as a valid path and fail to
protect Windows users.

Ideally we would check for both separators without the need for the copied
string, but this'll get us over the RCE.

If the we decide that the "name" of the submodule (i.e. its path inside
`.git/modules/`) is trying to escape that directory or otherwise trick us, we
ignore the configuration for that submodule.

This leaves us with a half-configured submodule when looking it up by path, but
it's the same result as if the configuration really were missing.

The name check is potentially more strict than it needs to be, but it lets us
re-use the check we're doing for the checkout. The function that encapsulates
this logic is ready to be exported but we don't want to do that in a security
release so it remains internal for now.

We should pretend such submdules do not exist as it can lead to RCE.

mbedTLS support

Configuration entry iteration in order

blame_git: fix coalescing step never being executed

Fix leaks in master

Leak fixes for v0.27.1

worktree: Read worktree specific reflog for HEAD

Valgrind log:

==2711== 305 (48 direct, 257 indirect) bytes in 1 blocks are definitely lost in loss record 576 of 624
==2711==    at 0x4C2CC70: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2711==    by 0x5E079E: git__calloc (util.h:99)
==2711==    by 0x5E0D21: open_worktree_dir (worktree.c:134)
==2711==    by 0x5E0F23: git_worktree_lookup (worktree.c:176)
==2711==    by 0x5E1972: git_worktree_add (worktree.c:388)
==2711==    by 0x551F23: test_worktree_worktree__add_with_explicit_branch (worktree.c:292)
==2711==    by 0x45853E: clar_run_test (clar.c:222)
==2711==    by 0x4587E1: clar_run_suite (clar.c:286)
==2711==    by 0x458B04: clar_parse_args (clar.c:362)
==2711==    by 0x458CAB: clar_test_run (clar.c:428)
==2711==    by 0x45665C: main (main.c:24)

CID:1383993, "In git_refspec__dwim_one: All paths that lead to this null pointer comparison already dereference the pointer earlier (CWE-476)"

As per CID:1378747, we might be called with a NULL repo, which would be deferenced in write_add_refspec

Valgrind log :

==17702== 18 bytes in 1 blocks are indirectly lost in loss record 69 of 1,123
==17702==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17702==    by 0x5FDBB49: strdup (strdup.c:42)
==17702==    by 0x632B3E: git__strdup (util.h:106)
==17702==    by 0x632D2C: git_reference__alloc_symbolic (refs.c:64)
==17702==    by 0x62E0AF: loose_lookup (refdb_fs.c:408)
==17702==    by 0x62E636: refdb_fs_backend__iterator_next (refdb_fs.c:565)
==17702==    by 0x62CD8E: git_refdb_iterator_next (refdb.c:147)
==17702==    by 0x6347F2: git_reference_next (refs.c:838)
==17702==    by 0x6345CB: git_reference_foreach (refs.c:748)
==17702==    by 0x66BE62: local_download_pack (local.c:579)
==17702==    by 0x5DB48F: git_fetch_download_pack (fetch.c:148)
==17702==    by 0x639028: git_remote_download (remote.c:932)
==17702==    by 0x63919A: git_remote_fetch (remote.c:969)
==17702==    by 0x4ABEDD: test_fetchhead_nonetwork__fetch_into_repo_with_symrefs (nonetwork.c:362)
==17702==    by 0x4125D9: clar_run_test (clar.c:222)
==17702==    by 0x41287C: clar_run_suite (clar.c:286)
==17702==    by 0x412DDE: clar_test_run (clar.c:433)
==17702==    by 0x4105E1: main (main.c:24)

fixed stack smashing due to wrong size of struct stat on the stack

on 32-bit systems with 64-bit file descriptor offsets enabled
(added -D_FILE_OFFSET_BITS=64 when compiling the test suite)

scripts: add backporting script

worktree: add ability to create worktree with pre-existing branch

refs: preserve the owning refdb when duping reference

The CRLF data generator is somewhat obscure; add information about how
to use it and what it does.

Signed-off-by: Sven Strickroth <email@cs-ware.de>

Update with vanilla Git 2.11.0 on Debian

Signed-off-by: Sven Strickroth <email@cs-ware.de>

Update with "git version 2.11.0.windows.3"

Signed-off-by: Sven Strickroth <email@cs-ware.de>

Submodules-API should report .gitmodules parse errors instead of ignoring them

Typedef git_pkt_type and clarify recv_pkt return type

online::clone: validate user:pass in HTTP_PROXY

 transports: ssh: disconnect session before freeing it 

revwalk: fix uninteresting revs sometimes not limiting graphwalk

attr_file: fix handling of directory patterns with trailing spaces

When we want to limit our graphwalk, we use the heuristic of checking
whether the newest limiting (uninteresting) revision is newer than the
oldest interesting revision. We do so by inspecting whether the first
item's commit time of the user-supplied list of revisions is newer than
the last added interesting revision. This is wrong though, as the user
supplied list is in no way guaranteed to be sorted by increasing commit
dates. This could lead us to abort the revwalk early before applying all
relevant limiting revisions, outputting revisions which should in fact
have been hidden.

Fix the heuristic by instead checking whether _any_ of the limiting
commits was made earlier than the last interesting commit. Add a test.

transports: local: fix assert when fetching into repo with symrefs

When comparing whether a path matches a directory rule, we pass the
both the path and directory name to `fnmatch` with
`GIT_ATTR_FNMATCH_DIRECTORY` being set. `fnmatch` expects the pattern to
contain no trailing directory '/', which is why we try to always strip
patterns of trailing slashes. We do not handle that case correctly
though when the pattern itself has trailing spaces, causing the match to
fail.

Fix the issue by stripping trailing spaces and tabs for a rule previous
to checking whether the pattern is a directory pattern with a trailing
'/'. This replaces the whitespace-stripping in our ignore file parsing
code, which was stripping whitespaces too late. Add a test to catch
future breakage.