1. 21 Oct, 2018 6 commits
  2. 20 Oct, 2018 6 commits
  3. 19 Oct, 2018 8 commits
  4. 17 Oct, 2018 3 commits
  5. 15 Oct, 2018 5 commits
  6. 13 Oct, 2018 1 commit
  7. 12 Oct, 2018 1 commit
  8. 11 Oct, 2018 4 commits
    • Apply code review feedback · 463c21e2
      Nelson Elhage committed
    • fuzzers: add object parsing fuzzer · a1d5fd06
      Add a simple fuzzer that exercises our object parser code. The fuzzer
      is quite trivial in that it simply passes the input data directly to
      `git_object__from_raw` for each of the four object types.
      Patrick Steinhardt committed
    • object: properly propagate errors on parsing failures · 6562cdda
      When failing to parse a raw object from its data, we free the
      partially parsed object but then fail to propagate the error to the
      caller. This may lead callers to operate on objects with invalid memory,
      which will sooner or later cause the program to segfault.
      
      Fix the issue by passing up the error code returned by `parse_raw`.
      Patrick Steinhardt committed
    • fuzzers: initialize libgit2 in standalone driver · 6956a954
      The standalone driver for libgit2's fuzzing targets makes use of
      functions from libgit2 itself. While this is totally fine to do, we need
      to make sure to always have libgit2 initialized via `git_libgit2_init`
      before we call out to any of these. While this happens in most cases as
      we call `LLVMFuzzerInitialize`, which is provided by our fuzzers and
      which right now always calls `git_libgit2_init`, one exception to this
      rule is our error path when not enough arguments have been given. In
      this case, we will call `git_vector_free_deep` without libgit2 having
      been initialized. As we did not set up our allocation functions in that
      case, this will lead to a segmentation fault.
      
      Fix the issue by always initializing and shutting down libgit2 in the
      standalone driver. Note that we cannot let this replace the
      initialization in `LLVMFuzzerInitialize`, as it is required when using
      the "real" fuzzers by LLVM without our standalone driver. It's no
      problem to call the initialization and deinitialization functions
      multiple times, though.
      Patrick Steinhardt committed
  9. 09 Oct, 2018 2 commits
  10. 08 Oct, 2018 2 commits
    • tree: unify the entry validity checks · fd490d3e
      We have two similar functions, `git_treebuilder_insert` and `append_entry` which
      are used in different codepaths as part of creating a new tree. The former
      learnt to check for object existence under strict object creation, but the
      latter did not.
      
      This allowed the creation of a tree from an unowned index to bypass some of the
      checks and create a tree pointing to a nonexistent object.
      
      Extract a single function which performs these checks and call it from both
      codepaths. In `append_entry` we still do not validate when asked not to, as this
      is data which is already in the tree and we want to allow users to deal with
      repositories which already have some invalid data.
      Carlos Martín Nieto committed
    • index: add failing test for writing an invalid tree from an unowned index · fbc0dcda
      When the index does not belong to any repository, we do not do any checks of the
      target id going in as we cannot verify that it exists.
      
      When we then write it out to a repository as a tree, we fail to perform the
      object existence and type-matching check that we do in other code-paths. This
      leads to being able to write trees which point to non-existent blobs even with
      strict object creation enabled.
      Carlos Martín Nieto committed
  11. 07 Oct, 2018 2 commits