delta/libgit2.git/src/submodule.c, branch ethomson/proxy github.com: libgit2/libgit2.git submodule: ignore path and url attributes if they look like options 2018-10-05T17:50:18+00:00 Carlos Martín Nieto cmn@dwim.me 2018-10-05T09:47:39+00:00 c8ca3caef68f31d553c131b471223ff934bb3cff These can be used to inject options in an implementation which performs a recursive clone by executing an external command via crafted url and path attributes such that it triggers a local executable to be run. The library is not vulnerable as we do not rely on external executables but a user of the library might be relying on that so we add this protection. This matches this aspect of git's fix for CVE-2018-17456. 
These can be used to inject options in an implementation which performs a
recursive clone by executing an external command via crafted url and path
attributes such that it triggers a local executable to be run.

The library is not vulnerable as we do not rely on external executables but a
user of the library might be relying on that so we add this protection.

This matches this aspect of git's fix for CVE-2018-17456.
config: rename "config_file.h" to "config_backend.h" 2018-09-28T09:14:13+00:00 Patrick Steinhardt ps@pks.im 2018-08-10T11:03:33+00:00 b944e13782370844823fcdc712fefcde3bb3fe73 The header "config_file.h" has a list of inline-functions to access the contents of a config backend without directly messing with the struct's function pointers. While all these functions are called "git_config_file_*", they are in fact completely backend-agnostic and don't care whether it is a file or not. Rename all the function to instead be backend-agnostic versions called "git_config_backend_*" and rename the header to match. 
The header "config_file.h" has a list of inline-functions to access the
contents of a config backend without directly messing with the struct's
function pointers. While all these functions are called
"git_config_file_*", they are in fact completely backend-agnostic and
don't care whether it is a file or not. Rename all the function to
instead be backend-agnostic versions called "git_config_backend_*" and
rename the header to match.
submodule: fix submodule names depending on config-owned memory 2018-09-21T10:11:06+00:00 Patrick Steinhardt ps@pks.im 2018-08-16T12:10:58+00:00 0b9c68b1366e7ef458b4932f066c487498e6c79f When populating the list of submodule names, we use the submodule configuration entry's name as the key in the map of submodule names. This creates a hidden dependency on the liveliness of the configuration that was used to parse the submodule, which is fragile and unexpected. Fix the issue by duplicating the string before writing it into the submodule name map. 
When populating the list of submodule names, we use the submodule
configuration entry's name as the key in the map of submodule names.
This creates a hidden dependency on the liveliness of the configuration
that was used to parse the submodule, which is fragile and unexpected.

Fix the issue by duplicating the string before writing it into the
submodule name map.
submodule: don't leak memory when failing to insert the names 2018-07-06T20:13:09+00:00 Etienne Samson samson.etienne@gmail.com 2018-06-19T18:18:26+00:00 36a5b557f146affcc627e6f762b2ab722e2796ce Reported by Coverity, CID 1393237 
Reported by Coverity, CID 1393237
 Convert usage of `git_buf_free` to new `git_buf_dispose` 2018-06-10T17:34:37+00:00 Patrick Steinhardt ps@pks.im 2018-02-08T11:14:48+00:00 ecf4f33a4e327a91496f72816f9f02d923e5af05 






submodule: remove useless mask computations
2018-05-30T08:35:43+00:00

Patrick Steinhardt
ps@pks.im

2018-05-30T08:34:58+00:00

9c698a256f27bfe98df39322c3e29a02d48f6973

Previous to dfda2f68e (submodule: remove the per-repo cache,
2015-04-27), we tried to cache our submodules per repository to avoid
having to reload it too frequently. As it created some headaches with
regards to multithreading, we removed that cache.

Previous to that removal, we had to compute what submodule status to
refresh. The mask computation was not removed, though, resulting in
confusing and actually dead code. While it seems like the mask is
currently in use in a conditional, it is not, as we unconditionally
assign to the mask previous to that condition.

Remove all mask computations to clean up stale code.





Previous to dfda2f68e (submodule: remove the per-repo cache,
2015-04-27), we tried to cache our submodules per repository to avoid
having to reload it too frequently. As it created some headaches with
regards to multithreading, we removed that cache.

Previous to that removal, we had to compute what submodule status to
refresh. The mask computation was not removed, though, resulting in
confusing and actually dead code. While it seems like the mask is
currently in use in a conditional, it is not, as we unconditionally
assign to the mask previous to that condition.

Remove all mask computations to clean up stale code.







submodule: refactor loading submodule names
2018-05-30T08:35:12+00:00

Patrick Steinhardt
ps@pks.im

2018-05-30T06:38:28+00:00

cf5030a37f33c42f6369732b0e328e42ef48432c

The function `load_submodule_names` was always being called with a
newly allocated string map, which was then getting filled by the
function. Move the string map allocation into `load_submodule_names`,
instead, and pass the whole map back to the caller in case no error
occurs. This change helps to avoid misuse by handing in pre-populated
maps.





The function `load_submodule_names` was always being called with a
newly allocated string map, which was then getting filled by the
function. Move the string map allocation into `load_submodule_names`,
instead, and pass the whole map back to the caller in case no error
occurs. This change helps to avoid misuse by handing in pre-populated
maps.







submodule: detect duplicated submodule paths
2018-05-30T08:35:12+00:00

Patrick Steinhardt
ps@pks.im

2018-05-30T06:35:06+00:00

b2a389c87019c729ffaf179a338236dd129b473c

When loading submodule names, we build a map of submodule paths and
their respective names. While looping over the configuration keys,
we do not check though whether a submodule path was seen already. This
leads to a memory leak in case we have multiple submodules with the same
path, as we just overwrite the old value in the map in that case.

Fix the error by verifying that the path to be added is not yet part of
the string map. Git does not allow to have multiple submodules for a
path anyway, so we now do the same and detect this duplication,
reporting it to the user.





When loading submodule names, we build a map of submodule paths and
their respective names. While looping over the configuration keys,
we do not check though whether a submodule path was seen already. This
leads to a memory leak in case we have multiple submodules with the same
path, as we just overwrite the old value in the map in that case.

Fix the error by verifying that the path to be added is not yet part of
the string map. Git does not allow to have multiple submodules for a
path anyway, so we now do the same and detect this duplication,
reporting it to the user.







submodule: plug leaks from the escape detection
2018-05-24T18:28:36+00:00

Carlos Martín Nieto
cmn@dwim.me

2018-05-24T18:28:36+00:00

9e723db877f3c310f826f517ebe509722aad22eb












submodule: replace index with strchr which exists on Windows
2018-05-24T17:05:59+00:00

Carlos Martín Nieto
cmn@dwim.me

2018-05-24T17:05:59+00:00

c16ebaa6bd68d656e13c627f07920466846d5ab6