summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2014-06-19unique_path: fix unlikely heap overflowLibravatar Jeff King1-15/+26
When merge-recursive creates a unique filename, it uses a template like: path~branch_%d where the final "_%d" is filled by an incrementing counter until we find a unique name. We allocate 8 characters for the counter, but there is no logic to limit the size of the integer. Of course, this is extremely unlikely, as you would need a hundred million collisions to trigger the problem. Even if an attacker constructed a specialized repo, it is unlikely that the victim would have the patience to run the merge. However, we can make it trivially correct (and hopefully more readable) by using a strbuf. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19walker_fetch: fix minor memory leakLibravatar Jeff King1-9/+9
We sometimes allocate "msg" on the heap, but will fail to free it if we hit the failure code path. We can instead keep a separate variable that is safe to be freed no matter how we get to the failure code path. While we're here, we can also do two readability improvements: 1. Use xstrfmt instead of a manual malloc/sprintf 2. Due to the "maybe we allocate msg, maybe we don't" strategy, the logic for deciding which message to show was split into two parts. Since the deallocation is now pushed onto a separate variable, this is no longer a concern, and we can keep all of the logic in the same place. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19merge: use argv_array when spawning merge strategyLibravatar Jeff King1-29/+13
This is shorter, and avoids a rather complicated set of allocation and free steps. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19sequencer: use argv_array_pushfLibravatar Jeff King1-7/+2
This avoids a manual allocation calculation, and is shorter to boot. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19setup_git_env: use git_pathdup instead of xmalloc + sprintfLibravatar Jeff King1-8/+4
This is shorter, harder to get wrong, and more clearly captures the intent. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19use xstrfmt to replace xmalloc + strcpy/strcatLibravatar Jeff King5-23/+6
It's easy to get manual allocation calculations wrong, and the use of strcpy/strcat raise red flags for people looking for buffer overflows (though in this case each site was fine). It's also shorter to use xstrfmt, and the printf-format tends to be easier for a reader to see what the final string will look like. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19use xstrfmt to replace xmalloc + sprintfLibravatar Jeff King6-41/+18
This is one line shorter, and makes sure the length in the malloc and sprintf steps match. These conversions are very straightforward; we can drop the malloc entirely, and replace the sprintf with xstrfmt. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19use xstrdup instead of xmalloc + strcpyLibravatar Jeff King3-10/+4
This is one line shorter, and makes sure the length in the malloc and copy steps match. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19use xstrfmt in favor of manual size calculationsLibravatar Jeff King2-16/+7
In many parts of the code, we do an ugly and error-prone malloc like: const char *fmt = "something %s"; buf = xmalloc(strlen(foo) + 10 + 1); sprintf(buf, fmt, foo); This makes the code brittle, and if we ever get the allocation wrong, is a potential heap overflow. Let's instead favor xstrfmt, which handles the allocation automatically, and makes the code shorter and more readable. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-19strbuf: add xstrfmt helperLibravatar Jeff King2-0/+28
You can use a strbuf to build up a string from parts, and then detach it. In the general case, you might use multiple strbuf_add* functions to do the building. However, in many cases, a single strbuf_addf is sufficient, and we end up with: struct strbuf buf = STRBUF_INIT; ... strbuf_addf(&buf, fmt, some, args); str = strbuf_detach(&buf, NULL); We can make this much more readable (and avoid introducing an extra variable, which can clutter the code) by introducing a convenience function: str = xstrfmt(fmt, some, args); Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-16Third batch for 2.1Libravatar Junio C Hamano1-0/+80
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-16Merge branch 'ib/test-selectively-run'Libravatar Junio C Hamano3-12/+617
Allow specifying only certain individual test pieces to be run using a range notation (e.g. "t1234-test.sh --run='1-4 6 8 9-'"). * ib/test-selectively-run: t0000-*.sh: fix the GIT_SKIP_TESTS sub-tests test-lib: '--run' to run only specific tests test-lib: tests skipped by GIT_SKIP_TESTS say so test-lib: document short options in t/README
2014-06-16Merge branch 'ta/string-list-init'Libravatar Junio C Hamano2-2/+4
* ta/string-list-init: string-list: spell all values out that are given to a string_list initializer
2014-06-16Merge branch 'jm/dedup-test-config'Libravatar Junio C Hamano1-5/+0
* jm/dedup-test-config: t/t7810-grep.sh: remove duplicate test_config()
2014-06-16Merge branch 'dt/refs-check-refname-component-optim'Libravatar Junio C Hamano2-29/+44
* dt/refs-check-refname-component-optim: refs.c: optimize check_refname_component()
2014-06-16Merge branch 'sk/test-cmp-bin'Libravatar Junio C Hamano5-22/+28
* sk/test-cmp-bin: t5000, t5003: do not use test_cmp to compare binary files
2014-06-16Merge branch 'sh/enable-preloadindex'Libravatar Junio C Hamano2-3/+3
* sh/enable-preloadindex: environment.c: enable core.preloadindex by default
2014-06-16Merge branch 'rs/read-ref-at'Libravatar Junio C Hamano2-107/+105
* rs/read-ref-at: refs.c: change read_ref_at to use the reflog iterators
2014-06-16Merge branch 'jk/error-resolve-conflict-advice'Libravatar Junio C Hamano1-5/+4
* jk/error-resolve-conflict-advice: error_resolve_conflict: drop quotations around operation error_resolve_conflict: rewrap advice message
2014-06-16Merge branch 'rs/pack-objects-no-unnecessary-realloc'Libravatar Junio C Hamano1-2/+2
Avoid unnecessary copy of previous contents when extending the hashtable used in pack-objects. * rs/pack-objects-no-unnecessary-realloc: pack-objects: use free()+xcalloc() instead of xrealloc()+memset()
2014-06-16Merge branch 'lt/log-auto-decorate'Libravatar Junio C Hamano1-0/+2
* lt/log-auto-decorate: git log: support "auto" decorations
2014-06-16Merge branch 'jm/doc-wording-tweaks'Libravatar Junio C Hamano2-9/+8
* jm/doc-wording-tweaks: Documentation: wording fixes in the user manual and glossary
2014-06-16Merge branch 'jm/format-patch-mail-sig'Libravatar Junio C Hamano4-2/+93
* jm/format-patch-mail-sig: format-patch: add "--signature-file=<file>" option format-patch: make newline after signature conditional
2014-06-16Merge branch 'jk/http-errors'Libravatar Junio C Hamano12-13/+183
Propagate the error messages from the webserver better to the client coming over the HTTP transport. * jk/http-errors: http: default text charset to iso-8859-1 remote-curl: reencode http error messages strbuf: add strbuf_reencode helper http: optionally extract charset parameter from content-type http: extract type/subtype portion of content-type t5550: test display of remote http error messages t/lib-httpd: use write_script to copy CGI scripts test-lib: preserve GIT_CURL_VERBOSE from the environment
2014-06-16Merge branch 'ow/config-mailmap-pathname'Libravatar Junio C Hamano1-1/+1
mailmap.file configuration names a pathname, hence should honor ~/path and ~user/path as its value. * ow/config-mailmap-pathname: config: respect '~' and '~user' in mailmap.file
2014-06-16Merge branch 'fc/remote-helper-refmap'Libravatar Junio C Hamano8-14/+141
Allow remote-helper/fast-import based transport to rename the refs while transferring the history. * fc/remote-helper-refmap: transport-helper: remove unnecessary strbuf resets transport-helper: add support to delete branches fast-export: add support to delete refs fast-import: add support to delete refs transport-helper: add support to push symbolic refs transport-helper: add support for old:new refspec fast-export: add new --refspec option fast-export: improve argument parsing
2014-06-16Merge branch 'nd/daemonize-gc'Libravatar Junio C Hamano1-6/+20
"git gc --auto" was recently changed to run in the background to give control back early to the end-user sitting in front of the terminal, but it forgot that housekeeping involving reflogs should be done without other processes competing for accesses to the refs. * nd/daemonize-gc: gc --auto: do not lock refs in the background
2014-06-16Merge branch 'jm/t9138-style-fix'Libravatar Junio C Hamano1-18/+17
* jm/t9138-style-fix: t9138-git-svn-authors-prog.sh fixups
2014-06-16Merge branch 'jm/instaweb-apache-24'Libravatar Junio C Hamano1-1/+11
* jm/instaweb-apache-24: git-instaweb: add support for Apache 2.4
2014-06-16Merge branch 'jl/remote-rm-prune'Libravatar Junio C Hamano3-9/+52
"git remote rm" and "git remote prune" can involve removing many refs at once, which is not a very efficient thing to do when very many refs exist in the packed-refs file. * jl/remote-rm-prune: remote prune: optimize "dangling symref" check/warning remote: repack packed-refs once when deleting multiple refs remote rm: delete remote configuration as the last
2014-06-16Merge branch 'jk/complete-merge-pull'Libravatar Junio C Hamano1-1/+5
The completion code did not know about quite a few options that are common between "git merge" and "git pull", and a couple of options unique to "git merge". * jk/complete-merge-pull: completion: add missing options for git-merge completion: add a note that merge options are shared
2014-06-16Merge branch 'bg/xcalloc-nmemb-then-size'Libravatar Junio C Hamano12-21/+21
Like calloc(3), xcalloc() takes nmemb and then size. * bg/xcalloc-nmemb-then-size: transport-helper.c: rearrange xcalloc arguments remote.c: rearrange xcalloc arguments reflog-walk.c: rearrange xcalloc arguments pack-revindex.c: rearrange xcalloc arguments notes.c: rearrange xcalloc arguments imap-send.c: rearrange xcalloc arguments http-push.c: rearrange xcalloc arguments diff.c: rearrange xcalloc arguments config.c: rearrange xcalloc arguments commit.c: rearrange xcalloc arguments builtin/remote.c: rearrange xcalloc arguments builtin/ls-remote.c: rearrange xcalloc arguments
2014-06-16Merge branch 'jl/status-added-submodule-is-never-ignored'Libravatar Junio C Hamano5-8/+108
submodule.*.ignore and diff.ignoresubmodules are used to ignore all submodule changes in "diff" output, but it can be confusing to apply these configuration values to status and commit. This is a backward-incompatible change, but should be so in a good way (aka bugfix). * jl/status-added-submodule-is-never-ignored: commit -m: commit staged submodules regardless of ignore config status/commit: show staged submodules regardless of ignore config
2014-06-16Merge branch 'cb/byte-order'Libravatar Junio C Hamano1-9/+24
Compatibility enhancement for Solaris. * cb/byte-order: compat/bswap.h: fix endianness detection compat/bswap.h: restore preference __BIG_ENDIAN over BIG_ENDIAN compat/bswap.h: detect endianness on more platforms that don't use BYTE_ORDER
2014-06-16Merge branch 'jk/strbuf-tolower'Libravatar Junio C Hamano4-7/+13
* jk/strbuf-tolower: strbuf: add strbuf_tolower function
2014-06-16Merge branch 'jk/daemon-tolower'Libravatar Junio C Hamano4-22/+16
* jk/daemon-tolower: daemon/config: factor out duplicate xstrdup_tolower
2014-06-16Merge branch 'as/pretty-truncate'Libravatar Junio C Hamano5-72/+282
* as/pretty-truncate: pretty.c: format string with truncate respects logOutputEncoding t4205, t6006: add tests that fail with i18n.logOutputEncoding set t4205 (log-pretty-format): use `tformat` rather than `format` t4041, t4205, t6006, t7102: don't hardcode tested encoding value t4205 (log-pretty-formats): don't hardcode SHA-1 in expected outputs
2014-06-16Merge branch 'jk/diff-follow-must-take-one-pathspec'Libravatar Junio C Hamano2-6/+5
* jk/diff-follow-must-take-one-pathspec: move "--follow needs one pathspec" rule to diff_setup_done
2014-06-16Merge branch 'sk/windows-unc-path'Libravatar Junio C Hamano5-8/+30
* sk/windows-unc-path: Windows: allow using UNC path for git repository
2014-06-16Merge branch 'rr/rebase-autostash-fix'Libravatar Junio C Hamano3-3/+27
* rr/rebase-autostash-fix: rebase -i: test "Nothing to do" case with autostash rebase -i: handle "Nothing to do" case with autostash
2014-06-16Merge branch 'jk/report-fail-to-read-objects-better'Libravatar Junio C Hamano1-1/+5
* jk/report-fail-to-read-objects-better: open_sha1_file: report "most interesting" errno
2014-06-16Merge branch 'jk/diff-files-assume-unchanged'Libravatar Junio C Hamano2-12/+32
* jk/diff-files-assume-unchanged: run_diff_files: do not look at uninitialized stat data
2014-06-16Merge branch 'jk/argv-array-for-child-process'Libravatar Junio C Hamano9-107/+57
* jk/argv-array-for-child-process: argv-array: drop "detach" code get_importer: use run-command's internal argv_array get_exporter: use argv_array get_helper: use run-command's internal argv_array git_connect: use argv_array run_column_filter: use argv_array run-command: store an optional argv_array
2014-06-16Merge branch 'sk/wincred'Libravatar Junio C Hamano1-4/+12
* sk/wincred: wincred: avoid overwriting configured variables wincred: add install target
2014-06-16Merge branch 'jk/do-not-run-httpd-tests-as-root'Libravatar Junio C Hamano1-0/+5
* jk/do-not-run-httpd-tests-as-root: t/lib-httpd: require SANITY prereq
2014-06-16Merge branch 'cc/replace-edit'Libravatar Junio C Hamano3-46/+222
"git replace" learns a new "--edit" option. * cc/replace-edit: Documentation: replace: describe new --edit option replace: add --edit to usage string replace: add tests for --edit replace: die early if replace ref already exists replace: refactor checking ref validity replace: make sure --edit results in a different object replace: add --edit option replace: factor object resolution out of replace_object replace: use OPT_CMDMODE to handle modes replace: refactor command-mode determination
2014-06-16Merge branch 'mt/patch-id-stable' (early part)Libravatar Junio C Hamano5-31/+208
* 'mt/patch-id-stable' (early part): patch-id-test: test stable and unstable behaviour patch-id: make it stable against hunk reordering test doc: test_write_lines does not split its arguments test: add test_write_lines helper
2014-06-12Sync with maintLibravatar Junio C Hamano1-2/+0
* maint: pull: do not abuse 'break' inside a shell 'case'
2014-06-12Merge branch 'jc/rev-parse-argh-dashed-multi-words' into maintLibravatar Junio C Hamano2-0/+7
* jc/rev-parse-argh-dashed-multi-words: update-index: fix segfault with missing --cacheinfo argument
2014-06-12pull: do not abuse 'break' inside a shell 'case'Libravatar Jacek Konieczny1-2/+0
It is not C. The code would break under mksh when 'pull.ff' is set: $ git pull /usr/lib/git-core/git-pull[67]: break: can't break Already up-to-date. Signed-off-by: Jacek Konieczny <jajcus@jajcus.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>