| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| | |
Config parsing
|
| | |
| |
| |
| |
| |
| | |
(fixes issue #6089)
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |\ \
| | |
| | | |
remotes: fix insteadOf/pushInsteadOf handling
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
we want to test:
- an anonymous repo (a url)
- a named repo with a url
- a named repo with a url and pushurl
and for each of these matching configuration:
- only insteadOf
- only pushInsteadOf
- both insteadOf and pushInsteadOf
this change adds test cases for all of these combinations.
|
| |/ |
|
| | |
|
| |
|
|
|
| |
This tests parsing a multiline string containing multiple quoted comment
chars. See #6019
|
| |
|
|
|
| |
Include a self-signed certificate for test.libgit2.org:1443 that we can
use to verify that GIT_OPT_SET_SSL_CERT_LOCATIONS works.
|
| |
|
|
|
| |
Provide a mechanism to filter using attribute data from a specific
commit (making use of `GIT_ATTR_CHECK_INCLUDE_COMMIT`).
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This change introduces `git_commit_graph_entry_find()` and
`git_commit_graph_entry_parent()`. These two functions allow a much
faster lookup of commits by ID, since the ODB does not need to be
consulted, the commit object does not need to be inflated, and the
contents of the commit object do not need to be parsed.
Part of: #5757
|
| |
|
|
|
|
|
|
| |
This change is the first in a series to add support for git's
commit-graph. This should speed up commit graph traversals by avoiding
object parsing and allowing some operations to terminate earlier.
Part of: #5757
|
| |
|
|
|
|
|
| |
This change is the first in a series to add support for git's
multi-pack-index. This should speed up large repositories significantly.
Part of: #5399
|
| |
|
|
| |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | |
|
| |
|
|
|
|
|
|
| |
This change makes sure that the hunk is not null before trying to
dereference it. This avoids segfaults, especially when blaming against a
modified buffer (i.e. the index).
Fixes: #5443
|
| |
|
|
|
|
|
| |
This requires adding a new symbolic ref to the testrepo fixture.
Some of the existing tests attempt to delete HEAD, expecting a different failure. Introduce and use a non-HEAD symbolic ref instead.
Adjust a few other tests as needed.
Fixes #5357
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A little-known feature of NTFS is that it offers to store metadata in
so-called "Alternate Data Streams" (inspired by Apple's "resource
forks") that are copied together with the file they are associated with.
These Alternate Data Streams can be accessed via `<file name>:<stream
name>:<stream type>`.
Directories, too, have Alternate Data Streams, and they even have a
default stream type `$INDEX_ALLOCATION`. Which means that `abc/` and
`abc::$INDEX_ALLOCATION/` are actually equivalent.
This is of course another attack vector on the Git directory that we
definitely want to prevent.
On Windows, we already do this incidentally, by disallowing colons in
file/directory names.
While it looks as if files'/directories' Alternate Data Streams are not
accessible in the Windows Subsystem for Linux, and neither via
CIFS/SMB-mounted network shares in Linux, it _is_ possible to access
them on SMB-mounted network shares on macOS.
Therefore, let's go the extra mile and prevent this particular attack
_everywhere_. To keep things simple, let's just disallow *any* Alternate
Data Stream of `.git`.
This is libgit2's variant of CVE-2019-1352.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Multivars are configuration entries that have many values for the same
name; we can thus micro-optimize this case by just retaining the name of
the first configuration entry and freeing all the others, letting them
point to the string of the first entry.
The attached test case is an extreme example that demonstrates this. It
contains a section name that is approximately 500kB in size with 20.000
entries "a=b". Without the optimization, this would require at least
20000*500kB bytes, which is around 10GB. With this patch, it only
requires 500kB+20000*1B=20500kB.
The obvious culprit here is the section header, which we repeatedly
include in each of the configuration entry's names. This makes it very
easier for an adversary to provide a small configuration file that
disproportionally blows up in memory during processing and is thus a
feasible way for a denial-of-service attack. Unfortunately, we cannot
fix the root cause by e.g. having a separate "section" field that may
easily be deduplicated due to the `git_config_entry` structure being
part of our public API. So this micro-optimization is the best we can do
for now.
|
| |\
| |
| | |
smart: use push_glob instead of manual filtering
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The code worked under the assumption that anything under `refs/tags` are
tag objects, and all the rest would be peelable to a commit. As it is
completely valid to have tags to blobs under a non `refs/tags` ref, this
would cause failures when trying to peel a tag to a commit.
Fix the broken filtering by switching to `git_revwalk_push_glob`, which
already handles this case.
|
| | |
| |
| |
| |
| | |
Add a subdirectory in the crlf.git bare repository that has a
second-level .gitattribute file.
|
| |/ |
|
| |
|
|
|
|
| |
Unlike ignore files, gitattribute files can have flexible whitespace at
the beginning of the line. Ensure that by adding new ignore rules that
we have not impeded correct parsing of attribute files.
|
| |
|
|
|
|
|
| |
Previously, we would clobber any extension-specific error message with
an "extension is truncated" message. This makes `read_extension`
correctly preserve those errors, takes responsibility for truncation
errors, and adds a new message with the actual extension signature for
unsupported mandatory extensions.
|
| |
|
|
|
| |
This changes that file to use UNIX line-endings, which makes sense since
this is a UNIXy file.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Use the crlf data scripts to produce a corpus of known-good data in
"git" format (aka ODB format) from a variety of files with different
line endings. `git` created these files running `git add` to stage the
contents then extracting the data from the repository.
We'll use these to ensure that we create identical contents when we add
files into the index.
|
| |
|
|
|
|
| |
Re-use the existing crlf data generation script for creating the to-odb
dataset. Also, store the actual file contents instead of the ID so that
we can identify differences instead of detecting that differences exist.
|
| |
|
|
|
|
|
|
|
|
| |
Include a shell script that will generate the expected data of OIDs and
failures for calling git.git to capture its output as a test resource.
Right now, there is no need to differentiate different systems as git behaves
the same on all systems IIRC.
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |
|
|
|
|
|
| |
Move the crlf_data folders reponsible for holding the state of the
filters going into the working directory to "to_workdir" variations of
the folder name to accommodate future growth into the "to odb" filter
variation. Update the script to create these new folders as appopriate.
|
| |
|
|
|
|
|
|
| |
Patch application need not be on an unmodified file; applying to an
already changed file is supported provided the patch still applies
cleanly. Add tests that modifies the contents of a file then applies
the patch and ensures that the patch applies cleanly, and the original
changes are also kept.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The testrepo test fixture has an index file that's damaged, missing an
object. The index previously had an entry of `src/index.c` with id
3161df8cbf3a006b4ef85be6497a0ea6bde98541, but that object was missing in
the repository. This commit adds an object to the repository and
updates the index to use that existing blob.
Similarly, the index has an entry for `readme` with an id of
97328ac7e3bd0bcd3900cb3e7a624d71dd0df888. This can be restored from
other test repositories.
With these fixed, now the write tree from index tests can pass since they
validate object existence.
|
| |
|
|
|
|
|
|
|
|
|
| |
Until now, we didn't have any tests that verified that our format for
renames in subdirectories is correct. While our current behaviour is no
different than for renames that do not happen with a common prefix
shared between old and new file name, we intend to change the format to
instead match the format that upstream git uses.
Add a test case for this to document our current behaviour and to show
how the next commit will change that format.
|
| |\
| |
| | |
tree: accept null ids in existing trees when updating
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When we add entries to a treebuilder we validate them. But we validate even
those that we're adding because they exist in the base tree. This disables
using the normal mechanisms on these trees, even to fix them.
Keep track of whether the entry we're appending comes from an existing tree and
bypass the name and id validation if it's from existing data.
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
We want to reject these as they cause compatibility issues and can lead to git
writing to files outside of the repository.
|
| |
|
|
|
| |
The CRLF data generator is somewhat obscure; add information about how
to use it and what it does.
|
| |
|
|
|
|
| |
Update with vanilla Git 2.11.0 on Debian
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |
|
|
|
|
| |
Update with "git version 2.11.0.windows.3"
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we want to limit our graphwalk, we use the heuristic of checking
whether the newest limiting (uninteresting) revision is newer than the
oldest interesting revision. We do so by inspecting whether the first
item's commit time of the user-supplied list of revisions is newer than
the last added interesting revision. This is wrong though, as the user
supplied list is in no way guaranteed to be sorted by increasing commit
dates. This could lead us to abort the revwalk early before applying all
relevant limiting revisions, outputting revisions which should in fact
have been hidden.
Fix the heuristic by instead checking whether _any_ of the limiting
commits was made earlier than the last interesting commit. Add a test.
|
| |
|
|
|
|
| |
Add a new branch to the `testrepo` repository, where the `README` file
has changed to executable. This branch enables typechange tests between
the new `executable` branch and `master`.
|
| |
|
|
|
|
|
| |
Add two more scenarios to the "renames" repository. The first scenario
has a major rewrite of a file and a delete of another file, the second
scenario has a deletion of a file and rename of another file to the
deleted file. Both scenarios will be used in the following commit.
|
| | |
|
| | |
|
