1. 06 Sep, 2018 4 commits
  2. 05 Sep, 2018 1 commit
    • Prevent heap-buffer-overflow · d22cd1f4
      When running repack while doing repo writes, `packfile_load__cb()` can see some temporary files in the directory that are bigger than the usual, and makes `memcmp` overflow on the `p->pack_name` string. ASAN detected this. This just uses `strncmp`, that should not have any performance impact and is safe for comparing strings of different sizes.
      
      ```
      ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61200001a3f3 at pc 0x7f4a9e1976ec bp 0x7ffc1f80e100 sp 0x7ffc1f80d8b0
      READ of size 89 at 0x61200001a3f3 thread T0
      SCARINESS: 26 (multi-byte-read-heap-buffer-overflow)
          #0 0x7f4a9e1976eb in __interceptor_memcmp.part.78 (/build/cfgr-admin#link-tree/libtools_build_sanitizers_asan-ubsan-py.so+0xcf6eb)
          #1 0x7f4a518c5431 in packfile_load__cb /build/libgit2/0.27.0/src/libgit2-0.27.0/src/odb_pack.c:213
          #2 0x7f4a518d9582 in git_path_direach /build/libgit2/0.27.0/src/libgit2-0.27.0/src/path.c:1134
          #3 0x7f4a518c58ad in pack_backend__refresh /build/libgit2/0.27.0/src/libgit2-0.27.0/src/odb_pack.c:347
          #4 0x7f4a518c1b12 in git_odb_refresh /build/libgit2/0.27.0/src/libgit2-0.27.0/src/odb.c:1511
          #5 0x7f4a518bff5f in git_odb__freshen /build/libgit2/0.27.0/src/libgit2-0.27.0/src/odb.c:752
          #6 0x7f4a518c17d4 in git_odb_stream_finalize_write /build/libgit2/0.27.0/src/libgit2-0.27.0/src/odb.c:1415
          #7 0x7f4a51b9d015 in Repository_write /build/pygit2/0.27.0/src/pygit2-0.27.0/src/repository.c:509
      ```
      bisho committed
  3. 03 Sep, 2018 3 commits
  4. 02 Sep, 2018 1 commit
  5. 01 Sep, 2018 1 commit
  6. 31 Aug, 2018 2 commits
  7. 30 Aug, 2018 4 commits
  8. 29 Aug, 2018 3 commits
  9. 27 Aug, 2018 1 commit
  10. 26 Aug, 2018 5 commits
  11. 25 Aug, 2018 1 commit
  12. 24 Aug, 2018 9 commits
  13. 21 Aug, 2018 1 commit
  14. 20 Aug, 2018 4 commits