| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | | |
|
| |\ \
| |/ |
|
| | |
| |
| |
| | |
Teach the packfile machinery to cope with SHA256.
|
| | |
| |
| |
| | |
This is a conversion of the testrepo.git to SHA256 support.
|
| | |
| |
| |
| |
| |
| |
| | |
Test that we can successfully clone a repository that is namespace
scoped to a bare repository locally. We need not specify a checkout
branch in this case (obviously, since we do not check anything out in a
bare clone).
|
| |\ \
| |/
|/| |
|
| | |\ |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Add support for a SHA256 hash algorithm, and add the "builtin" SHA256
hash engine (from RFC 6234).
|
| |\ \ \
| | | |
| | | | |
refs: Speed up packed lookups.
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently ref lookups require loading the entire packed-refs file into
a hashmap in memory. For repos with large numbers of refs this can be
painfully slow.
This patch replaces the existing lookup code and instead mmap()'s the
packed-refs file and performs a binary search to locate the ref entry.
Git uses a similiar approach.
The old hash table codepath is still used for unsorted packed-refs files.
This patch also fixes a minor bug where the "peeled" trait is never
parsed correctly from the packed-refs header.
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Config parsing
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
(fixes issue #6089)
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |\ \ \
| | | |
| | | | |
remotes: fix insteadOf/pushInsteadOf handling
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
we want to test:
- an anonymous repo (a url)
- a named repo with a url
- a named repo with a url and pushurl
and for each of these matching configuration:
- only insteadOf
- only pushInsteadOf
- both insteadOf and pushInsteadOf
this change adds test cases for all of these combinations.
|
| |/ / |
|
| | | |
|
| | |
| |
| |
| |
| | |
This tests parsing a multiline string containing multiple quoted comment
chars. See #6019
|
| | |
| |
| |
| |
| | |
Include a self-signed certificate for test.libgit2.org:1443 that we can
use to verify that GIT_OPT_SET_SSL_CERT_LOCATIONS works.
|
| | |
| |
| |
| |
| | |
Provide a mechanism to filter using attribute data from a specific
commit (making use of `GIT_ATTR_CHECK_INCLUDE_COMMIT`).
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change introduces `git_commit_graph_entry_find()` and
`git_commit_graph_entry_parent()`. These two functions allow a much
faster lookup of commits by ID, since the ODB does not need to be
consulted, the commit object does not need to be inflated, and the
contents of the commit object do not need to be parsed.
Part of: #5757
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This change is the first in a series to add support for git's
commit-graph. This should speed up commit graph traversals by avoiding
object parsing and allowing some operations to terminate earlier.
Part of: #5757
|
| | |
| |
| |
| |
| |
| |
| | |
This change is the first in a series to add support for git's
multi-pack-index. This should speed up large repositories significantly.
Part of: #5399
|
| |/
|
|
| |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | |
|
| |
|
|
|
|
|
|
| |
This change makes sure that the hunk is not null before trying to
dereference it. This avoids segfaults, especially when blaming against a
modified buffer (i.e. the index).
Fixes: #5443
|
| |
|
|
|
|
|
| |
This requires adding a new symbolic ref to the testrepo fixture.
Some of the existing tests attempt to delete HEAD, expecting a different failure. Introduce and use a non-HEAD symbolic ref instead.
Adjust a few other tests as needed.
Fixes #5357
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A little-known feature of NTFS is that it offers to store metadata in
so-called "Alternate Data Streams" (inspired by Apple's "resource
forks") that are copied together with the file they are associated with.
These Alternate Data Streams can be accessed via `<file name>:<stream
name>:<stream type>`.
Directories, too, have Alternate Data Streams, and they even have a
default stream type `$INDEX_ALLOCATION`. Which means that `abc/` and
`abc::$INDEX_ALLOCATION/` are actually equivalent.
This is of course another attack vector on the Git directory that we
definitely want to prevent.
On Windows, we already do this incidentally, by disallowing colons in
file/directory names.
While it looks as if files'/directories' Alternate Data Streams are not
accessible in the Windows Subsystem for Linux, and neither via
CIFS/SMB-mounted network shares in Linux, it _is_ possible to access
them on SMB-mounted network shares on macOS.
Therefore, let's go the extra mile and prevent this particular attack
_everywhere_. To keep things simple, let's just disallow *any* Alternate
Data Stream of `.git`.
This is libgit2's variant of CVE-2019-1352.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Multivars are configuration entries that have many values for the same
name; we can thus micro-optimize this case by just retaining the name of
the first configuration entry and freeing all the others, letting them
point to the string of the first entry.
The attached test case is an extreme example that demonstrates this. It
contains a section name that is approximately 500kB in size with 20.000
entries "a=b". Without the optimization, this would require at least
20000*500kB bytes, which is around 10GB. With this patch, it only
requires 500kB+20000*1B=20500kB.
The obvious culprit here is the section header, which we repeatedly
include in each of the configuration entry's names. This makes it very
easier for an adversary to provide a small configuration file that
disproportionally blows up in memory during processing and is thus a
feasible way for a denial-of-service attack. Unfortunately, we cannot
fix the root cause by e.g. having a separate "section" field that may
easily be deduplicated due to the `git_config_entry` structure being
part of our public API. So this micro-optimization is the best we can do
for now.
|
| |\
| |
| | |
smart: use push_glob instead of manual filtering
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The code worked under the assumption that anything under `refs/tags` are
tag objects, and all the rest would be peelable to a commit. As it is
completely valid to have tags to blobs under a non `refs/tags` ref, this
would cause failures when trying to peel a tag to a commit.
Fix the broken filtering by switching to `git_revwalk_push_glob`, which
already handles this case.
|
| | |
| |
| |
| |
| | |
Add a subdirectory in the crlf.git bare repository that has a
second-level .gitattribute file.
|
| |/ |
|
| |
|
|
|
|
| |
Unlike ignore files, gitattribute files can have flexible whitespace at
the beginning of the line. Ensure that by adding new ignore rules that
we have not impeded correct parsing of attribute files.
|
| |
|
|
|
|
|
| |
Previously, we would clobber any extension-specific error message with
an "extension is truncated" message. This makes `read_extension`
correctly preserve those errors, takes responsibility for truncation
errors, and adds a new message with the actual extension signature for
unsupported mandatory extensions.
|
| |
|
|
|
| |
This changes that file to use UNIX line-endings, which makes sense since
this is a UNIXy file.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Use the crlf data scripts to produce a corpus of known-good data in
"git" format (aka ODB format) from a variety of files with different
line endings. `git` created these files running `git add` to stage the
contents then extracting the data from the repository.
We'll use these to ensure that we create identical contents when we add
files into the index.
|
| |
|
|
|
|
| |
Re-use the existing crlf data generation script for creating the to-odb
dataset. Also, store the actual file contents instead of the ID so that
we can identify differences instead of detecting that differences exist.
|
| |
|
|
|
|
|
|
|
|
| |
Include a shell script that will generate the expected data of OIDs and
failures for calling git.git to capture its output as a test resource.
Right now, there is no need to differentiate different systems as git behaves
the same on all systems IIRC.
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |
|
|
|
|
|
| |
Move the crlf_data folders reponsible for holding the state of the
filters going into the working directory to "to_workdir" variations of
the folder name to accommodate future growth into the "to odb" filter
variation. Update the script to create these new folders as appopriate.
|
| |
|
|
|
|
|
|
| |
Patch application need not be on an unmodified file; applying to an
already changed file is supported provided the patch still applies
cleanly. Add tests that modifies the contents of a file then applies
the patch and ensures that the patch applies cleanly, and the original
changes are also kept.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The testrepo test fixture has an index file that's damaged, missing an
object. The index previously had an entry of `src/index.c` with id
3161df8cbf3a006b4ef85be6497a0ea6bde98541, but that object was missing in
the repository. This commit adds an object to the repository and
updates the index to use that existing blob.
Similarly, the index has an entry for `readme` with an id of
97328ac7e3bd0bcd3900cb3e7a624d71dd0df888. This can be restored from
other test repositories.
With these fixed, now the write tree from index tests can pass since they
validate object existence.
|
| |
|
|
|
|
|
|
|
|
|
| |
Until now, we didn't have any tests that verified that our format for
renames in subdirectories is correct. While our current behaviour is no
different than for renames that do not happen with a common prefix
shared between old and new file name, we intend to change the format to
instead match the format that upstream git uses.
Add a test case for this to document our current behaviour and to show
how the next commit will change that format.
|
| |\
| |
| | |
tree: accept null ids in existing trees when updating
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When we add entries to a treebuilder we validate them. But we validate even
those that we're adding because they exist in the base tree. This disables
using the normal mechanisms on these trees, even to fix them.
Keep track of whether the entry we're appending comes from an existing tree and
bypass the name and id validation if it's from existing data.
|
| |/ |
|
