delta/libgit2.git/tests/commit, branch ethomson/no_void github.com: libgit2/libgit2.git commit: add failing tests for object checking for git_commit_with_signature 2019-10-30T19:35:48+00:00 Carlos Martín Nieto carlosmn@github.com 2019-10-30T19:35:48+00:00 0974e02f138b72d4255414f0381bde18a253ddf9 There can be a significant difference between the system where we created the buffer (if at all) and when the caller provides us with the contents of a commit. Provide some test cases (we have to adapt the existing ones because they refer to trees and commits which do not exist). 
There can be a significant difference between the system where we created the
buffer (if at all) and when the caller provides us with the contents of a
commit.

Provide some test cases (we have to adapt the existing ones because they refer
to trees and commits which do not exist).
git_error: use new names in internal APIs and usage 2019-01-22T22:30:35+00:00 Edward Thomson ethomson@edwardthomson.com 2018-12-27T19:47:34+00:00 f673e232afe22eb865cdc915e55a2df6493f0fbb Move to the `git_error` name in the internal API for error-related functions. 
Move to the `git_error` name in the internal API for error-related
functions.
references: use new names in internal usage 2019-01-17T10:32:29+00:00 Edward Thomson ethomson@edwardthomson.com 2019-01-17T00:32:31+00:00 ed8cfbf04181d6fc229582a09c5c7657a53cd2e3 Update internal usage to use the `git_reference` names for constants. 
Update internal usage to use the `git_reference` names for constants.
object_type: use new enumeration names 2018-12-01T11:54:57+00:00 Edward Thomson ethomson@edwardthomson.com 2018-11-28T14:26:57+00:00 168fe39bea3368972a8b1a33d5908e73bc790c18 Use the new object_type enumeration names within the codebase. 
Use the new object_type enumeration names within the codebase.
signature: fix out-of-bounds read when parsing timezone offset 2018-11-09T18:32:08+00:00 Patrick Steinhardt ps@pks.im 2018-11-09T18:32:08+00:00 52f859fd534e3c16c2c03b9a2375f00a50f3996e When parsing a signature's timezone offset, we first check whether there is a timezone at all by verifying that there are still bytes left to read following the time itself. The check thus looks like `time_end + 1 < buffer_end`, which is actually correct in this case. After setting the timezone's start pointer to that location, we compute the remaining bytes by using the formula `buffer_end - tz_start + 1`, re-using the previous `time_end + 1`. But this is in fact missing the braces around `(tz_start + 1)`, thus leading to an overestimation of the remaining bytes by a length of two. In case of a non-NUL terminated buffer, this will result in an overflow. The function `git_signature__parse` is only used in two locations. First is `git_signature_from_buffer`, which only accepts a string without a length. The string thus necessarily has to be NUL terminated and cannot trigger the issue. The other function is `git_commit__parse_raw`, which can in fact trigger the error as it may receive non-NUL terminated commit data. But as objects read from the ODB are always NUL-terminated by us as a cautionary measure, it cannot trigger the issue either. In other words, this error does not have any impact on security. 
When parsing a signature's timezone offset, we first check whether there
is a timezone at all by verifying that there are still bytes left to
read following the time itself. The check thus looks like `time_end + 1
< buffer_end`, which is actually correct in this case. After setting the
timezone's start pointer to that location, we compute the remaining
bytes by using the formula `buffer_end - tz_start + 1`, re-using the
previous `time_end + 1`. But this is in fact missing the braces around
`(tz_start + 1)`, thus leading to an overestimation of the remaining
bytes by a length of two. In case of a non-NUL terminated buffer, this
will result in an overflow.

The function `git_signature__parse` is only used in two locations. First
is `git_signature_from_buffer`, which only accepts a string without a
length. The string thus necessarily has to be NUL terminated and cannot
trigger the issue.

The other function is `git_commit__parse_raw`, which can in fact trigger
the error as it may receive non-NUL terminated commit data. But as
objects read from the ODB are always NUL-terminated by us as a
cautionary measure, it cannot trigger the issue either.

In other words, this error does not have any impact on security.
treewide: remove use of C++ style comments 2018-07-13T06:25:12+00:00 Patrick Steinhardt ps@pks.im 2018-06-25T09:56:52+00:00 9994cd3f0ffcd7b28d26c82ecb6564bc4072dc2a C++ style comment ("//") are not specified by the ISO C90 standard and thus do not conform to it. While libgit2 aims to conform to C90, we did not enforce it until now, which is why quite a lot of these non-conforming comments have snuck into our codebase. Do a tree-wide conversion of all C++ style comments to the supported C style comments to allow us enforcing strict C90 compliance in a later commit. 
C++ style comment ("//") are not specified by the ISO C90 standard and
thus do not conform to it. While libgit2 aims to conform to C90, we did
not enforce it until now, which is why quite a lot of these
non-conforming comments have snuck into our codebase. Do a tree-wide
conversion of all C++ style comments to the supported C style comments
to allow us enforcing strict C90 compliance in a later commit.
Convert usage of `git_buf_free` to new `git_buf_dispose` 2018-06-10T17:34:37+00:00 Patrick Steinhardt ps@pks.im 2018-02-08T11:14:48+00:00 ecf4f33a4e327a91496f72816f9f02d923e5af05 






signature: distinguish +0000 and -0000 UTC offsets
2017-11-12T12:01:10+00:00

Henry Kleynhans
hkleynhans@bloomberg.net

2017-11-12T10:56:50+00:00

f063dafb1da60625da76a1ea6975a121969cb630

Git considers '-0000' a valid offset for signature lines.  They need to
be treated as _not_ equal to a '+0000' signature offset.  Parsing a
signature line stores the offset in a signed integer which does not
distinguish between `+0` and `-0`.

This patch adds an additional flag `sign` to the `git_time` in the
`signature` object which is populated with the sign of the offset.  In
addition to exposing this information to the user, this information is
also used to compare signatures.

/cc @pks-t @ethomson





Git considers '-0000' a valid offset for signature lines.  They need to
be treated as _not_ equal to a '+0000' signature offset.  Parsing a
signature line stores the offset in a signed integer which does not
distinguish between `+0` and `-0`.

This patch adds an additional flag `sign` to the `git_time` in the
`signature` object which is populated with the sign of the offset.  In
addition to exposing this information to the user, this information is
also used to compare signatures.

/cc @pks-t @ethomson







Fix initial commit test
2016-05-04T18:15:56+00:00

John Haley
johnh@axosoft.com

2016-05-04T18:14:17+00:00

5785ae9b5e315a2aca64ee4bac1b31bdab84c657

`test_commit_commit__create_initial_commit_parent_not_current` was not correctly 
testing that `HEAD` was not changed. Now we grab the oid that it was pointing to
before the call to `git_commit_create` and the oid that it's pointing to afterwards
and compare those.




`test_commit_commit__create_initial_commit_parent_not_current` was not correctly 
testing that `HEAD` was not changed. Now we grab the oid that it was pointing to
before the call to `git_commit_create` and the oid that it's pointing to afterwards
and compare those.






Add tests for creating an initial commit
2016-05-03T20:32:32+00:00

John Haley
johnh@axosoft.com

2016-05-03T20:32:22+00:00

4f22ccb9793d765d09032898e913690d088d6518