delta/libgit2.git/src, branch cmn/tmp github.com: libgit2/libgit2.git crashdebug 2017-11-21T14:11:50+00:00 Carlos Martín Nieto cmn@dwim.me 2017-11-21T14:11:50+00:00 1e3a2797660ee61fd835739240bb8a2215cede80 






Merge branch '25_smartpktparse' into maint/v0.25
2017-01-06T17:12:16+00:00

Edward Thomson
ethomson@github.com

2017-01-06T17:12:16+00:00

6850b516b9bb7de6d8e7e1f8355acf05a7a91d98












smart_pkt: treat empty packet lines as error
2017-01-06T17:11:58+00:00

Patrick Steinhardt
ps@pks.im

2016-11-15T10:44:51+00:00

2fdef641fd0dd2828bd948234ae86de75221a11a

The Git protocol does not specify what should happen in the case
of an empty packet line (that is a packet line "0004"). We
currently indicate success, but do not return a packet in the
case where we hit an empty line. The smart protocol was not
prepared to handle such packets in all cases, though, resulting
in a `NULL` pointer dereference.

Fix the issue by returning an error instead. As such kind of
packets is not even specified by upstream, this is the right
thing to do.





The Git protocol does not specify what should happen in the case
of an empty packet line (that is a packet line "0004"). We
currently indicate success, but do not return a packet in the
case where we hit an empty line. The smart protocol was not
prepared to handle such packets in all cases, though, resulting
in a `NULL` pointer dereference.

Fix the issue by returning an error instead. As such kind of
packets is not even specified by upstream, this is the right
thing to do.







smart_pkt: verify packet length exceeds PKT_LEN_SIZE
2017-01-06T17:11:44+00:00

Patrick Steinhardt
ps@pks.im

2016-11-15T10:36:27+00:00

66e3774d279672ee51c3b54545a79d20d1ada834

Each packet line in the Git protocol is prefixed by a four-byte
length of how much data will follow, which we parse in
`git_pkt_parse_line`. The transmitted length can either be equal
to zero in case of a flush packet or has to be at least of length
four, as it also includes the encoded length itself. Not
checking this may result in a buffer overflow as we directly pass
the length to functions which accept a `size_t` length as
parameter.

Fix the issue by verifying that non-flush packets have at least a
length of `PKT_LEN_SIZE`.





Each packet line in the Git protocol is prefixed by a four-byte
length of how much data will follow, which we parse in
`git_pkt_parse_line`. The transmitted length can either be equal
to zero in case of a flush packet or has to be at least of length
four, as it also includes the encoded length itself. Not
checking this may result in a buffer overflow as we directly pass
the length to functions which accept a `size_t` length as
parameter.

Fix the issue by verifying that non-flush packets have at least a
length of `PKT_LEN_SIZE`.







http: check certificate validity before clobbering the error variable
2017-01-06T17:09:39+00:00

Etienne Samson
samson.etienne@gmail.com

2016-12-21T20:24:33+00:00

9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22












http: bump the pretend git version in the User-Agent
2016-12-20T16:19:30+00:00

Carlos Martín Nieto
cmn@dwim.me

2016-12-20T16:19:30+00:00

fafafb1f37d21ebf4b0bbf02651b910d842cfe27

We want to keep the git UA in order for services to recognise that we're
a Git client and not a browser. But in order to stop dumb HTTP some
services have blocked UAs that claim to be pre-1.6.6 git.

Thread these needles by using the "git/2.0" prefix which is still close
enough to git's yet distinct enough that you can tell it's us.





We want to keep the git UA in order for services to recognise that we're
a Git client and not a browser. But in order to stop dumb HTTP some
services have blocked UAs that claim to be pre-1.6.6 git.

Thread these needles by using the "git/2.0" prefix which is still close
enough to git's yet distinct enough that you can tell it's us.







Merge pull request #4034 from libgit2/cmn/sysdir-no-reguess
2016-12-20T15:32:49+00:00

Edward Thomson
ethomson@github.com

2016-12-20T15:32:49+00:00

8d7717c471aabb9e09ea0421f1dea487ad6af02c

sysdir: don't re-guess when using variable substitution




sysdir: don't re-guess when using variable substitution






Merge pull request #4032 from libgit2/cmn/https-cap-no-hardcode
2016-12-20T15:28:46+00:00

Edward Thomson
ethomson@github.com

2016-12-20T15:28:46+00:00

f91f170f0e334963473a0f1060d2b07fbe63abbf

Don't hard-code HTTPS cap & clarify the meanings of the features enum




Don't hard-code HTTPS cap & clarify the meanings of the features enum






Merge pull request #4026 from libgit2/cmn/refdb-fs-errors
2016-12-19T17:28:41+00:00

Carlos Martín Nieto
carlosmn@github.com

2016-12-19T17:28:41+00:00

3714c13a888cfa539d1c6924d6b7bc747c137a42

refdb: bubble up recursive rm when locking a ref




refdb: bubble up recursive rm when locking a ref






Merge pull request #4027 from pks-t/pks/pack-deref-cache-on-error
2016-12-19T17:26:09+00:00

Carlos Martín Nieto
carlosmn@github.com

2016-12-19T17:26:09+00:00

903955f7e5d81e12ef806636c7c5fbfd6203266c

pack: dereference cached pack entry on error




pack: dereference cached pack entry on error