https://github.com/git/git
- v2.9.5
- v2.9.4
- v2.9.3
- v2.9.2
- v2.9.1
- v2.9.0-rc2
- v2.9.0-rc1
- v2.9.0-rc0
- v2.9.0
- v2.8.6
- v2.8.5
- v2.8.4
- v2.8.3
- v2.8.2
- v2.8.1
- v2.8.0-rc4
- v2.8.0-rc3
- v2.8.0-rc2
- v2.8.0-rc1
- v2.8.0-rc0
- v2.8.0
- v2.7.6
- v2.7.5
- v2.7.4
- v2.7.3
- v2.7.2
- v2.7.1
- v2.7.0-rc3
- v2.7.0-rc2
- v2.7.0-rc1
- v2.7.0-rc0
- v2.7.0
- v2.6.7
- v2.6.6
- v2.6.5
- v2.6.4
- v2.6.3
- v2.6.2
- v2.6.1
- v2.6.0-rc3
- v2.6.0-rc2
- v2.6.0-rc1
- v2.6.0-rc0
- v2.6.0
- v2.5.6
- v2.5.5
- v2.5.4
- v2.5.3
- v2.5.2
- v2.5.1
- v2.5.0-rc3
- v2.5.0-rc2
- v2.5.0-rc1
- v2.5.0-rc0
- v2.5.0
- v2.44.0-rc2
- v2.44.0-rc1
- v2.44.0-rc0
- v2.44.0
- v2.43.3
- v2.43.2
- v2.43.1
- v2.43.0-rc2
- v2.43.0-rc1
- v2.43.0-rc0
- v2.43.0
- v2.42.1
- v2.42.0-rc2
- v2.42.0-rc1
- v2.42.0-rc0
- v2.42.0
- v2.41.0-rc2
- v2.41.0-rc1
- v2.41.0-rc0
- v2.41.0
- v2.40.1
- v2.40.0-rc2
- v2.40.0-rc1
- v2.40.0-rc0
- v2.40.0
- v2.4.9
- v2.4.8
- v2.4.7
- v2.4.6
- v2.4.5
- v2.4.4
- v2.4.3
- v2.4.2
- v2.4.12
- v2.4.11
- v2.4.10
- v2.4.1
- v2.4.0-rc3
- v2.4.0-rc2
- v2.4.0-rc1
- v2.4.0-rc0
- v2.4.0
- v2.39.3
- v2.39.2
- v2.39.1
- v2.39.0-rc2
- v2.39.0-rc1
- v2.39.0-rc0
- v2.39.0
- v2.38.5
- v2.38.4
- v2.38.3
- v2.38.2
- v2.38.1
- v2.38.0-rc2
- v2.38.0-rc1
- v2.38.0-rc0
- v2.38.0
- v2.37.7
- v2.37.6
- v2.37.5
- v2.37.4
- v2.37.3
- v2.37.2
- v2.37.1
- v2.37.0-rc2
- v2.37.0-rc1
- v2.37.0-rc0
- v2.37.0
- v2.36.6
- v2.36.5
- v2.36.4
- v2.36.3
- v2.36.2
- v2.36.1
- v2.36.0-rc2
- v2.36.0-rc1
- v2.36.0-rc0
- v2.36.0
- v2.35.8
- v2.35.7
- v2.35.6
- v2.35.5
- v2.35.4
- v2.35.3
- v2.35.2
- v2.35.1
- v2.35.0-rc2
- v2.35.0-rc1
- v2.35.0-rc0
- v2.35.0
- v2.34.8
- v2.34.7
- v2.34.6
- v2.34.5
- v2.34.4
- v2.34.3
- v2.34.2
- v2.34.1
- v2.34.0-rc2
- v2.34.0-rc1
- v2.34.0-rc0
- v2.34.0
- v2.33.8
- v2.33.7
- v2.33.6
- v2.33.5
- v2.33.4
- v2.33.3
- v2.33.2
- v2.33.1
- v2.33.0-rc2
- v2.33.0-rc1
- v2.33.0-rc0
- v2.33.0
- v2.32.7
- v2.32.6
- v2.32.5
- v2.32.4
- v2.32.3
- v2.32.2
- v2.32.1
- v2.32.0-rc3
- v2.32.0-rc2
- v2.32.0-rc1
- v2.32.0-rc0
- v2.32.0
- v2.31.8
- v2.31.7
- v2.31.6
- v2.31.5
- v2.31.4
- v2.31.3
- v2.31.2
- v2.31.1
- v2.31.0-rc2
- v2.31.0-rc1
- v2.31.0-rc0
- v2.31.0
- v2.30.9
- v2.30.8
- v2.30.7
- v2.30.6
- v2.30.5
- v2.30.4
- v2.30.3
- v2.30.2
- v2.30.1
- v2.30.0-rc2
- v2.30.0-rc1
- v2.30.0-rc0
- v2.30.0
- v2.3.9
- v2.3.8
- v2.3.7
- v2.3.6
- v2.3.5
- v2.3.4
- v2.3.3
- v2.3.2
- v2.3.10
- v2.3.1
- v2.3.0-rc2
- v2.3.0-rc1
- v2.3.0-rc0
- v2.3.0
- v2.29.3
- v2.29.2
- v2.29.1
- v2.29.0-rc2
- v2.29.0-rc1
- v2.29.0-rc0
- v2.29.0
- v2.28.1
- v2.28.0-rc2
- v2.28.0-rc1
- v2.28.0-rc0
- v2.28.0
- v2.27.1
- v2.27.0-rc2
- v2.27.0-rc1
- v2.27.0-rc0
- v2.27.0
- v2.26.3
- v2.26.2
- v2.26.1
- v2.26.0-rc2
- v2.26.0-rc1
- v2.26.0-rc0
- v2.26.0
- v2.25.5
- v2.25.4
- v2.25.3
- v2.25.2
- v2.25.1
- v2.25.0-rc2
- v2.25.0-rc1
- v2.25.0-rc0
- v2.25.0
- v2.24.4
- v2.24.3
- v2.24.2
- v2.24.1
- v2.24.0-rc2
- v2.24.0-rc1
- v2.24.0-rc0
- v2.24.0
- v2.23.4
- v2.23.3
- v2.23.2
- v2.23.1
- v2.23.0-rc2
- v2.23.0-rc1
- v2.23.0-rc0
- v2.23.0
- v2.22.5
- v2.22.4
- v2.22.3
- v2.22.2
- v2.22.1
- v2.22.0-rc3
- v2.22.0-rc2
- v2.22.0-rc1
- v2.22.0-rc0
- v2.22.0
- v2.21.4
- v2.21.3
- v2.21.2
- v2.21.1
- v2.21.0-rc2
- v2.21.0-rc1
- v2.21.0-rc0
- v2.21.0
- v2.20.5
- v2.20.4
- v2.20.3
- v2.20.2
- v2.20.1
- v2.20.0-rc2
- v2.20.0-rc1
- v2.20.0-rc0
- v2.20.0
- v2.2.3
- v2.2.2
- v2.2.1
- v2.2.0-rc3
- v2.2.0-rc2
- v2.2.0-rc1
- v2.2.0-rc0
- v2.2.0
- v2.19.6
- v2.19.5
- v2.19.4
- v2.19.3
- v2.19.2
- v2.19.1
- v2.19.0-rc2
- v2.19.0-rc1
- v2.19.0-rc0
- v2.19.0
- v2.18.5
- v2.18.4
- v2.18.3
- v2.18.2
- v2.18.1
- v2.18.0-rc2
- v2.18.0-rc1
- v2.18.0-rc0
- v2.18.0
- v2.17.6
- v2.17.5
- v2.17.4
- v2.17.3
- v2.17.2
- v2.17.1
- v2.17.0-rc2
- v2.17.0-rc1
- v2.17.0-rc0
- v2.17.0
- v2.16.6
- v2.16.5
- v2.16.4
- v2.16.3
- v2.16.2
- v2.16.1
- v2.16.0-rc2
- v2.16.0-rc1
- v2.16.0-rc0
- v2.16.0
- v2.15.4
- v2.15.3
- v2.15.2
- v2.15.1
- v2.15.0-rc2
- v2.15.0-rc1
- v2.15.0-rc0
- v2.15.0
- v2.14.6
- v2.14.5
- v2.14.4
- v2.14.3
- v2.14.2
- v2.14.1
- v2.14.0-rc1
- v2.14.0-rc0
- v2.14.0
- v2.13.7
- v2.13.6
- v2.13.5
- v2.13.4
- v2.13.3
- v2.13.2
- v2.13.1
- v2.13.0-rc2
- v2.13.0-rc1
- v2.13.0-rc0
- v2.13.0
- v2.12.5
- v2.12.4
- v2.12.3
- v2.12.2
- v2.12.1
- v2.12.0-rc2
- v2.12.0-rc1
- v2.12.0-rc0
- v2.12.0
- v2.11.4
- v2.11.3
- v2.11.2
- v2.11.1
- v2.11.0-rc3
- v2.11.0-rc2
- v2.11.0-rc1
- v2.11.0-rc0
- v2.11.0
- v2.10.5
- v2.10.4
- v2.10.3
- v2.10.2
- v2.10.1
- v2.10.0-rc2
- v2.10.0-rc1
- v2.10.0-rc0
- v2.10.0
- v2.1.4
- v2.1.3
- v2.1.2
- v2.1.1
- v2.1.0-rc2
- v2.1.0-rc1
- v2.1.0-rc0
- v2.1.0
- v2.0.5
- v2.0.4
- v2.0.3
- v2.0.2
- v2.0.1
- v2.0.0-rc4
- v2.0.0-rc3
- v2.0.0-rc2
- v2.0.0-rc1
- v2.0.0-rc0
- v2.0.0
- v1.9.5
- v1.9.4
- v1.9.3
- v1.9.2
- v1.9.1
- v1.9.0-rc3
- v1.9.0
- v1.9-rc2
- v1.9-rc1
- v1.9-rc0
- v1.8.5.6
- v1.8.5.5
- v1.8.5.4
- v1.8.5.3
- v1.8.5.2
- v1.8.5.1
- v1.8.5-rc3
- v1.8.5-rc2
- v1.8.5-rc1
- v1.8.5-rc0
- v1.8.5
- v1.8.4.5
- v1.8.4.4
- v1.8.4.3
- v1.8.4.2
- v1.8.4.1
- v1.8.4-rc4
- v1.8.4-rc3
- v1.8.4-rc2
- v1.8.4-rc1
- v1.8.4-rc0
- v1.8.4
- v1.8.3.4
- v1.8.3.3
- v1.8.3.2
- v1.8.3.1
- v1.8.3-rc3
- v1.8.3-rc2
- v1.8.3-rc1
- v1.8.3-rc0
- v1.8.3
- v1.8.2.3
- v1.8.2.2
- v1.8.2.1
- v1.8.2-rc3
- v1.8.2-rc2
- v1.8.2-rc1
- v1.8.2-rc0
- v1.8.2
- v1.8.1.6
- v1.8.1.5
- v1.8.1.4
- v1.8.1.3
- v1.8.1.2
- v1.8.1.1
- v1.8.1-rc3
- v1.8.1-rc2
- v1.8.1-rc1
- v1.8.1-rc0
- v1.8.1
- v1.8.0.3
- v1.8.0.2
- v1.8.0.1
- v1.8.0-rc3
- v1.8.0-rc2
- v1.8.0-rc1
- v1.8.0-rc0
- v1.8.0
- v1.7.9.7
- v1.7.9.6
- v1.7.9.5
- v1.7.9.4
- v1.7.9.3
- v1.7.9.2
- v1.7.9.1
- v1.7.9-rc2
- v1.7.9-rc1
- v1.7.9-rc0
- v1.7.9
- v1.7.8.6
- v1.7.8.5
- v1.7.8.4
- v1.7.8.3
- v1.7.8.2
- v1.7.8.1
- v1.7.8-rc4
- v1.7.8-rc3
- v1.7.8-rc2
- v1.7.8-rc1
- v1.7.8-rc0
- v1.7.8
- v1.7.7.7
- v1.7.7.6
- v1.7.7.5
- v1.7.7.4
- v1.7.7.3
- v1.7.7.2
- v1.7.7.1
- v1.7.7-rc3
- v1.7.7-rc2
- v1.7.7-rc1
- v1.7.7-rc0
- v1.7.7
- v1.7.6.6
- v1.7.6.5
- v1.7.6.4
- v1.7.6.3
- v1.7.6.2
- v1.7.6.1
- v1.7.6-rc3
- v1.7.6-rc2
- v1.7.6-rc1
- v1.7.6-rc0
- v1.7.6
- v1.7.5.4
- v1.7.5.3
- v1.7.5.2
- v1.7.5.1
- v1.7.5-rc3
- v1.7.5-rc2
- v1.7.5-rc1
- v1.7.5-rc0
- v1.7.5
- v1.7.4.5
- v1.7.4.4
- v1.7.4.3
- v1.7.4.2
- v1.7.4.1
- v1.7.4-rc3
- v1.7.4-rc2
- v1.7.4-rc1
- v1.7.4-rc0
- v1.7.4
- v1.7.3.5
- v1.7.3.4
- v1.7.3.3
- v1.7.3.2
- v1.7.3.1
- v1.7.3-rc2
- v1.7.3-rc1
- v1.7.3-rc0
- v1.7.3
- v1.7.2.5
- v1.7.2.4
- v1.7.2.3
- v1.7.2.2
- v1.7.2.1
- v1.7.2-rc3
- v1.7.2-rc2
- v1.7.2-rc1
- v1.7.2-rc0
- v1.7.2
- v1.7.12.4
- v1.7.12.3
- v1.7.12.2
- v1.7.12.1
- v1.7.12-rc3
- v1.7.12-rc2
- v1.7.12-rc1
- v1.7.12-rc0
- v1.7.12
- v1.7.11.7
- v1.7.11.6
- v1.7.11.5
- v1.7.11.4
- v1.7.11.3
- v1.7.11.2
- v1.7.11.1
- v1.7.11-rc3
- v1.7.11-rc2
- v1.7.11-rc1
- v1.7.11-rc0
- v1.7.11
- v1.7.10.5
- v1.7.10.4
- v1.7.10.3
- v1.7.10.2
- v1.7.10.1
- v1.7.10-rc4
- v1.7.10-rc3
- v1.7.10-rc2
- v1.7.10-rc1
- v1.7.10-rc0
- v1.7.10
- v1.7.1.4
- v1.7.1.3
- v1.7.1.2
- v1.7.1.1
- v1.7.1-rc2
- v1.7.1-rc1
- v1.7.1-rc0
- v1.7.1
- v1.7.0.9
- v1.7.0.8
- v1.7.0.7
- v1.7.0.6
- v1.7.0.5
- v1.7.0.4
- v1.7.0.3
- v1.7.0.2
- v1.7.0.1
- v1.7.0-rc2
- v1.7.0-rc1
- v1.7.0-rc0
- v1.7.0
- v1.6.6.3
- v1.6.6.2
- v1.6.6.1
- v1.6.6-rc4
- v1.6.6-rc3
- v1.6.6-rc2
- v1.6.6-rc1
- v1.6.6-rc0
- v1.6.6
- v1.6.5.9
- v1.6.5.8
- v1.6.5.7
- v1.6.5.6
- v1.6.5.5
- v1.6.5.4
- v1.6.5.3
- v1.6.5.2
- v1.6.5.1
- v1.6.5-rc3
- v1.6.5-rc2
- v1.6.5-rc1
- v1.6.5-rc0
- v1.6.5
- v1.6.4.5
- v1.6.4.4
- v1.6.4.3
- v1.6.4.2
- v1.6.4.1
- v1.6.4-rc3
- v1.6.4-rc2
- v1.6.4-rc1
- v1.6.4-rc0
- v1.6.4
- v1.6.3.4
- v1.6.3.3
- v1.6.3.2
- v1.6.3.1
- v1.6.3-rc4
- v1.6.3-rc3
- v1.6.3-rc2
- v1.6.3-rc1
- v1.6.3-rc0
- v1.6.3
- v1.6.2.5
- v1.6.2.4
- v1.6.2.3
- v1.6.2.2
- v1.6.2.1
- v1.6.2-rc2
- v1.6.2-rc1
- v1.6.2-rc0
- v1.6.2
- v1.6.1.4
- v1.6.1.3
- v1.6.1.2
- v1.6.1.1
- v1.6.1-rc4
- v1.6.1-rc3
- v1.6.1-rc2
- v1.6.1-rc1
- v1.6.1
- v1.6.0.6
- v1.6.0.5
- v1.6.0.4
- v1.6.0.3
- v1.6.0.2
- v1.6.0.1
- v1.6.0-rc3
- v1.6.0-rc2
- v1.6.0-rc1
- v1.6.0-rc0
- v1.6.0
- v1.5.6.6
- v1.5.6.5
- v1.5.6.4
- v1.5.6.3
- v1.5.6.2
- v1.5.6.1
- v1.5.6-rc3
- v1.5.6-rc2
- v1.5.6-rc1
- v1.5.6-rc0
- v1.5.6
- v1.5.5.6
- v1.5.5.5
- v1.5.5.4
- v1.5.5.3
- v1.5.5.2
- v1.5.5.1
- v1.5.5-rc3
- v1.5.5-rc2
- v1.5.5-rc1
- v1.5.5-rc0
- v1.5.5
- v1.5.4.7
- v1.5.4.6
- v1.5.4.5
- v1.5.4.4
- v1.5.4.3
- v1.5.4.2
- v1.5.4.1
- v1.5.4-rc5
- v1.5.4-rc4
- v1.5.4-rc3
- v1.5.4-rc2
- v1.5.4-rc1
- v1.5.4-rc0
- v1.5.4
- v1.5.3.8
- v1.5.3.7
- v1.5.3.6
- v1.5.3.5
- v1.5.3.4
- v1.5.3.3
- v1.5.3.2
- v1.5.3.1
- v1.5.3-rc7
- v1.5.3-rc6
- v1.5.3-rc5
- v1.5.3-rc4
- v1.5.3-rc3
- v1.5.3-rc2
- v1.5.3-rc1
- v1.5.3-rc0
- v1.5.3
- v1.5.2.5
- v1.5.2.4
- v1.5.2.3
- v1.5.2.2
- v1.5.2.1
- v1.5.2-rc3
- v1.5.2-rc2
- v1.5.2-rc1
- v1.5.2-rc0
- v1.5.2
- v1.5.1.6
- v1.5.1.5
- v1.5.1.4
- v1.5.1.3
- v1.5.1.2
- v1.5.1.1
- v1.5.1-rc3
- v1.5.1-rc2
- v1.5.1-rc1
- v1.5.1
- v1.5.0.7
- v1.5.0.6
- v1.5.0.5
- v1.5.0.4
- v1.5.0.3
- v1.5.0.2
- v1.5.0.1
- v1.5.0-rc4
- v1.5.0-rc3
- v1.5.0-rc2
- v1.5.0-rc1
- v1.5.0-rc0
- v1.5.0
- v1.4.4.5
- v1.4.4.4
- v1.4.4.3
- v1.4.4.2
- v1.4.4.1
- v1.4.4-rc2
- v1.4.4-rc1
- v1.4.4
- v1.4.3.5
- v1.4.3.4
- v1.4.3.3
- v1.4.3.2
- v1.4.3.1
- v1.4.3-rc3
- v1.4.3-rc2
- v1.4.3-rc1
- v1.4.3
- v1.4.2.4
- v1.4.2.3
- v1.4.2.2
- v1.4.2.1
- v1.4.2-rc4
- v1.4.2-rc3
- v1.4.2-rc2
- v1.4.2-rc1
- v1.4.2
- v1.4.1.1
- v1.4.1-rc2
- v1.4.1-rc1
- v1.4.1
- v1.4.0-rc2
- v1.4.0-rc1
- v1.4.0
- v1.3.3
- v1.3.2
- v1.3.1
- v1.3.0-rc4
- v1.3.0-rc3
- v1.3.0-rc2
- v1.3.0-rc1
- v1.3.0
- v1.2.6
- v1.2.5
- v1.2.4
- v1.2.3
- v1.2.2
- v1.2.1
- v1.2.0
- v1.1.6
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1.0
- v1.0.9
- v1.0.8
- v1.0.7
- v1.0.6
- v1.0.5
- v1.0.4
- v1.0.3
- v1.0.13
- v1.0.12
- v1.0.11
- v1.0.10
- v1.0.0b
- v1.0.0a
- v1.0.0
- v0.99.9n
- v0.99.9m
- v0.99.9l
- v0.99.9k
- v0.99.9j
- v0.99.9i
- v0.99.9h
- v0.99.9g
- v0.99.9f
- v0.99.9e
- v0.99.9d
- v0.99.9c
- v0.99.9b
- v0.99.9a
- v0.99.9
- v0.99.8g
- v0.99.8f
- v0.99.8e
- v0.99.8d
- v0.99.8c
- v0.99.8b
- v0.99.8a
- v0.99.8
- v0.99.7d
- v0.99.7c
- v0.99.7b
- v0.99.7a
- v0.99.7
- v0.99.6
- v0.99.5
- v0.99.4
- v0.99.3
- v0.99.2
- v0.99.1
- v0.99
- gitgui-0.9.3
- gitgui-0.9.2
- gitgui-0.9.1
- gitgui-0.9.0
- gitgui-0.8.4
- gitgui-0.8.3
- gitgui-0.8.2
- gitgui-0.8.1
- gitgui-0.8.0
- gitgui-0.7.5
- gitgui-0.7.4
- gitgui-0.7.3
- gitgui-0.7.2
- gitgui-0.7.1
- gitgui-0.7.0-rc1
- gitgui-0.7.0
- gitgui-0.6.5
- gitgui-0.6.4
- gitgui-0.6.3
- gitgui-0.6.2
- gitgui-0.6.1
- gitgui-0.6.0
- gitgui-0.21.0
- gitgui-0.20.0
- gitgui-0.19.0
- gitgui-0.18.0
- gitgui-0.17.0
- gitgui-0.16.0
- gitgui-0.15.0
- gitgui-0.14.0
- gitgui-0.13.0
- gitgui-0.12.0
- gitgui-0.11.0
- gitgui-0.10.2
- gitgui-0.10.1
- gitgui-0.10.0
Take a new snapshot of a software origin
If the archived software origin currently browsed is not synchronized with its upstream version (for instance when new commits have been issued), you can explicitly request Software Heritage to take a new snapshot of it.
Use the form below to proceed. Once a request has been submitted and accepted, it will be processed as soon as possible. You can then check its processing state by visiting this dedicated page.![swh spinner](/static/img/swh-spinner.gif)
Processing "take a new snapshot" request ...
Permalinks
To reference or cite the objects present in the Software Heritage archive, permalinks based on SoftWare Hash IDentifiers (SWHIDs) must be used.
Select below a type of object currently browsed in order to display its associated SWHID and permalink.
Revision | Author | Date | Message | Commit Date |
---|---|---|---|---|
ac86677 | Junio C Hamano | 18 October 2017, 05:19:14 UTC | Merge branch 'rs/rs-mailmap' into maint * rs/rs-mailmap: .mailmap: normalize name for René Scharfe | 18 October 2017, 05:19:14 UTC |
b0e5269 | Junio C Hamano | 18 October 2017, 05:19:14 UTC | Merge branch 'rs/fsck-null-return-from-lookup' into maint Improve behaviour of "git fsck" upon finding a missing object. * rs/fsck-null-return-from-lookup: fsck: handle NULL return of lookup_blob() and lookup_tree() | 18 October 2017, 05:19:14 UTC |
eeed979 | Junio C Hamano | 18 October 2017, 05:19:14 UTC | Merge branch 'jk/sha1-loose-object-info-fix' into maint Leakfix and futureproofing. * jk/sha1-loose-object-info-fix: sha1_loose_object_info: handle errors from unpack_sha1_rest | 18 October 2017, 05:19:14 UTC |
a116022 | Junio C Hamano | 18 October 2017, 05:19:14 UTC | Merge branch 'sb/branch-avoid-repeated-strbuf-release' into maint * sb/branch-avoid-repeated-strbuf-release: branch: reset instead of release a strbuf | 18 October 2017, 05:19:14 UTC |
4bf90c1 | Junio C Hamano | 18 October 2017, 05:19:14 UTC | Merge branch 'rs/qsort-s' into maint * rs/qsort-s: test-stringlist: avoid buffer underrun when sorting nothing | 18 October 2017, 05:19:14 UTC |
3c905dd | Junio C Hamano | 18 October 2017, 05:19:13 UTC | Merge branch 'jn/strbuf-doc-re-reuse' into maint * jn/strbuf-doc-re-reuse: strbuf doc: reuse after strbuf_release is fine | 18 October 2017, 05:19:13 UTC |
116d1d4 | Junio C Hamano | 18 October 2017, 05:19:13 UTC | Merge branch 'rs/run-command-use-alloc-array' into maint Code clean-up. * rs/run-command-use-alloc-array: run-command: use ALLOC_ARRAY | 18 October 2017, 05:19:13 UTC |
073a1fd | Junio C Hamano | 18 October 2017, 05:19:12 UTC | Merge branch 'rs/tag-null-pointer-arith-fix' into maint Code clean-up. * rs/tag-null-pointer-arith-fix: tag: avoid NULL pointer arithmetic | 18 October 2017, 05:19:12 UTC |
ff35d2a | Junio C Hamano | 18 October 2017, 05:19:12 UTC | Merge branch 'rs/cocci-de-paren-call-params' into maint Code clean-up. * rs/cocci-de-paren-call-params: coccinelle: remove parentheses that become unnecessary | 18 October 2017, 05:19:12 UTC |
1fa0526 | Junio C Hamano | 18 October 2017, 05:19:12 UTC | Merge branch 'ad/doc-markup-fix' into maint Docfix. * ad/doc-markup-fix: doc: correct command formatting | 18 October 2017, 05:19:12 UTC |
8a19eee | Junio C Hamano | 18 October 2017, 05:19:12 UTC | Merge branch 'mr/doc-negative-pathspec' into maint Doc updates. * mr/doc-negative-pathspec: docs: improve discoverability of exclude pathspec | 18 October 2017, 05:19:12 UTC |
41052b1 | Junio C Hamano | 18 October 2017, 05:19:12 UTC | Merge branch 'jk/validate-headref-fix' into maint Code clean-up. * jk/validate-headref-fix: validate_headref: use get_oid_hex for detached HEADs validate_headref: use skip_prefix for symref parsing validate_headref: NUL-terminate HEAD buffer | 18 October 2017, 05:19:12 UTC |
7f607f6 | Junio C Hamano | 18 October 2017, 05:19:12 UTC | Merge branch 'ks/doc-use-camelcase-for-config-name' into maint Doc update. * ks/doc-use-camelcase-for-config-name: doc: camelCase the config variables to improve readability | 18 October 2017, 05:19:12 UTC |
e1a05be | Junio C Hamano | 18 October 2017, 05:19:11 UTC | Merge branch 'jk/doc-read-tree-table-asciidoctor-fix' into maint A docfix. * jk/doc-read-tree-table-asciidoctor-fix: doc: put literal block delimiter around table | 18 October 2017, 05:19:11 UTC |
9554e71 | Junio C Hamano | 18 October 2017, 05:19:11 UTC | Merge branch 'hn/typofix' into maint * hn/typofix: submodule.h: typofix | 18 October 2017, 05:19:11 UTC |
8e81361 | Junio C Hamano | 18 October 2017, 05:19:10 UTC | Merge branch 'ks/test-readme-phrasofix' into maint Doc updates. * ks/test-readme-phrasofix: t/README: fix typo and grammatically improve a sentence | 18 October 2017, 05:19:10 UTC |
0c52150 | Junio C Hamano | 18 October 2017, 05:19:10 UTC | Merge branch 'ez/doc-duplicated-words-fix' into maint Typofix. * ez/doc-duplicated-words-fix: doc: fix minor typos (extra/duplicated words) | 18 October 2017, 05:19:10 UTC |
5a4ec5c | Junio C Hamano | 18 October 2017, 05:19:10 UTC | Merge branch 'kd/doc-for-each-ref' into maint Doc update. * kd/doc-for-each-ref: doc/for-each-ref: explicitly specify option names doc/for-each-ref: consistently use '=' to between argument names and values | 18 October 2017, 05:19:10 UTC |
1c45e39 | Junio C Hamano | 18 October 2017, 05:19:10 UTC | Merge branch 'cc/subprocess-handshake-missing-capabilities' into maint Finishing touches to a topic already in 'master'. * cc/subprocess-handshake-missing-capabilities: subprocess: loudly die when subprocess asks for an unsupported capability | 18 October 2017, 05:19:10 UTC |
110a642 | Junio C Hamano | 18 October 2017, 05:19:10 UTC | Merge branch 'jk/system-path-cleanup' into maint Code clean-up. * jk/system-path-cleanup: git_extract_argv0_path: do nothing without RUNTIME_PREFIX system_path: move RUNTIME_PREFIX to a sub-function | 18 October 2017, 05:19:10 UTC |
28a925b | Junio C Hamano | 18 October 2017, 05:19:09 UTC | Merge branch 'bb/doc-eol-dirty' into maint Doc update. * bb/doc-eol-dirty: Documentation: mention that `eol` can change the dirty status of paths | 18 October 2017, 05:19:09 UTC |
0445bd7 | Junio C Hamano | 18 October 2017, 05:19:09 UTC | Merge branch 'mg/timestamp-t-fix' into maint A mismerge fix. * mg/timestamp-t-fix: name-rev: change ULONG_MAX to TIME_MAX | 18 October 2017, 05:19:09 UTC |
6da2d14 | Junio C Hamano | 18 October 2017, 05:19:08 UTC | Merge branch 'ma/pkt-line-leakfix' into maint A leakfix. * ma/pkt-line-leakfix: pkt-line: re-'static'-ify buffer in packet_write_fmt_1() | 18 October 2017, 05:19:08 UTC |
96d14cb | Junio C Hamano | 18 October 2017, 05:19:07 UTC | Merge branch 'jk/config-lockfile-leak-fix' into maint A leakfix. * jk/config-lockfile-leak-fix: config: use a static lock_file struct | 18 October 2017, 05:19:08 UTC |
f77196e | Junio C Hamano | 18 October 2017, 05:19:07 UTC | Merge branch 'dw/diff-highlight-makefile-fix' into maint Build clean-up. * dw/diff-highlight-makefile-fix: diff-highlight: add clean target to Makefile | 18 October 2017, 05:19:07 UTC |
7c9375d | Junio C Hamano | 18 October 2017, 05:19:06 UTC | Merge branch 'jk/drop-sha1-entry-pos' into maint Code clean-up. * jk/drop-sha1-entry-pos: sha1-lookup: remove sha1_entry_pos() from header file sha1_file: drop experimental GIT_USE_LOOKUP search | 18 October 2017, 05:19:06 UTC |
d9e8586 | Junio C Hamano | 18 October 2017, 05:19:06 UTC | Merge branch 'tb/ref-filter-empty-modifier' into maint In the "--format=..." option of the "git for-each-ref" command (and its friends, i.e. the listing mode of "git branch/tag"), "%(atom:)" (e.g. "%(refname:)", "%(body:)" used to error out. Instead, treat them as if the colon and an empty string that follows it were not there. * tb/ref-filter-empty-modifier: ref-filter.c: pass empty-string as NULL to atom parsers | 18 October 2017, 05:19:06 UTC |
96d4b17 | Junio C Hamano | 18 October 2017, 05:19:05 UTC | Merge branch 'rb/compat-poll-fix' into maint Backports a moral equivalent of 2015 fix to the poll emulation from the upstream gnulib to fix occasional breakages on HPE NonStop. * rb/compat-poll-fix: poll.c: always set revents, even if to zero | 18 October 2017, 05:19:05 UTC |
dd5c88a | Junio C Hamano | 18 October 2017, 05:19:04 UTC | Merge branch 'tg/memfixes' into maint Fixes for a handful memory access issues identified by valgrind. * tg/memfixes: sub-process: use child_process.args instead of child_process.argv http-push: fix construction of hex value from path path.c: fix uninitialized memory access | 18 October 2017, 05:19:05 UTC |
d9f5ea4 | Junio C Hamano | 18 October 2017, 05:19:04 UTC | Merge branch 'ar/request-pull-phrasofix' into maint Spell the name of our system as "Git" in the output from request-pull script. * ar/request-pull-phrasofix: request-pull: capitalise "Git" to make it a proper noun | 18 October 2017, 05:19:04 UTC |
77cdf8c | Junio C Hamano | 18 October 2017, 05:19:03 UTC | Merge branch 'jc/merge-x-theirs-docfix' into maint The documentation for '-X<option>' for merges was misleadingly written to suggest that "-s theirs" exists, which is not the case. * jc/merge-x-theirs-docfix: merge-strategies: avoid implying that "-s theirs" exists | 18 October 2017, 05:19:03 UTC |
01ae81e | Junio C Hamano | 18 October 2017, 05:19:03 UTC | Merge branch 'rs/mailinfo-qp-decode-fix' into maint "git mailinfo" was loose in decoding quoted printable and produced garbage when the two letters after the equal sign are not hexadecimal. This has been fixed. * rs/mailinfo-qp-decode-fix: mailinfo: don't decode invalid =XY quoted-printable sequences | 18 October 2017, 05:19:03 UTC |
b8a4e89 | Junio C Hamano | 18 October 2017, 05:19:02 UTC | Merge branch 'ik/userdiff-html-h-element-fix' into maint The built-in pattern to detect the "function header" for HTML did not match <H1>..<H6> elements without any attributes, which has been fixed. * ik/userdiff-html-h-element-fix: userdiff: fix HTML hunk header regexp | 18 October 2017, 05:19:02 UTC |
16ba0f4 | Junio C Hamano | 18 October 2017, 05:19:01 UTC | Merge branch 'jk/diff-blob' into maint "git cat-file --textconv" started segfaulting recently, which has been corrected. * jk/diff-blob: cat-file: handle NULL object_context.path | 18 October 2017, 05:19:01 UTC |
501ec0d | Junio C Hamano | 18 October 2017, 05:19:01 UTC | Merge branch 'jk/describe-omit-some-refs' into maint "git describe --match" learned to take multiple patterns in v2.13 series, but the feature ignored the patterns after the first one and did not work at all. This has been fixed. * jk/describe-omit-some-refs: describe: fix matching to actually match all patterns | 18 October 2017, 05:19:01 UTC |
8dc1d0b | Junio C Hamano | 18 October 2017, 05:19:00 UTC | Merge branch 'mh/for-each-string-list-item-empty-fix' into maint Code cmp.std.c nitpick. * mh/for-each-string-list-item-empty-fix: for_each_string_list_item: avoid undefined behavior for empty list | 18 October 2017, 05:19:00 UTC |
181f145 | Junio C Hamano | 18 October 2017, 05:18:59 UTC | Merge branch 'tb/test-lint-echo-e' into maint The test linter has been taught that we do not like "echo -e". * tb/test-lint-echo-e: test-lint: echo -e (or -E) is not portable | 18 October 2017, 05:19:00 UTC |
14431c7 | Junio C Hamano | 18 October 2017, 05:18:59 UTC | Merge branch 'aw/gc-lockfile-fscanf-fix' into maint "git gc" tries to avoid running two instances at the same time by reading and writing pid/host from and to a lock file; it used to use an incorrect fscanf() format when reading, which has been corrected. * aw/gc-lockfile-fscanf-fix: gc: call fscanf() with %<len>s, not %<len>c, when reading hostname | 18 October 2017, 05:18:59 UTC |
0f21375 | Junio C Hamano | 18 October 2017, 05:18:58 UTC | Merge branch 'tg/refs-allowed-flags' into maint API error-proofing which happens to also squelch warnings from GCC. * tg/refs-allowed-flags: refs: strip out not allowed flags from ref_transaction_update | 18 October 2017, 05:18:59 UTC |
550e41c | Junio C Hamano | 18 October 2017, 05:18:58 UTC | Merge branch 'rs/archive-excluded-directory' into maint "git archive", especially when used with pathspec, stored an empty directory in its output, even though Git itself never does so. This has been fixed. * rs/archive-excluded-directory: archive: don't add empty directories to archives | 18 October 2017, 05:18:58 UTC |
aec2eb8 | Junio C Hamano | 18 October 2017, 05:18:58 UTC | Merge branch 'rk/commit-tree-make-F-verbatim' into maint Unlike "git commit-tree < file", "git commit-tree -F file" did not pass the contents of the file verbatim and instead completed an incomplete line at the end, if exists. The latter has been updated to match the behaviour of the former. * rk/commit-tree-make-F-verbatim: commit-tree: do not complete line in -F input | 18 October 2017, 05:18:58 UTC |
6b89503 | Junio C Hamano | 18 October 2017, 05:18:58 UTC | Merge branch 'mh/packed-ref-store-prep' into maint Fix regression to "gitk --bisect" by a recent update. * mh/packed-ref-store-prep: rev-parse: don't trim bisect refnames | 18 October 2017, 05:18:58 UTC |
05e408d | Junio C Hamano | 18 October 2017, 05:18:58 UTC | Merge branch 'mm/send-email-cc-cruft' into maint In addition to "cc: <a@dd.re.ss> # cruft", "cc: a@dd.re.ss # cruft" was taught to "git send-email" as a valid way to tell it that it needs to also send a carbon copy to <a@dd.re.ss> in the trailer section. * mm/send-email-cc-cruft: send-email: don't use Mail::Address, even if available send-email: fix garbage removal after address | 18 October 2017, 05:18:58 UTC |
6c9d195 | Junio C Hamano | 18 October 2017, 05:18:57 UTC | Merge branch 'rs/strbuf-getwholeline-fix' into maint A helper function to read a single whole line into strbuf mistakenly triggered OOM error at EOF under certain conditions, which has been fixed. * rs/strbuf-getwholeline-fix: strbuf: clear errno before calling getdelim(3) | 18 October 2017, 05:18:58 UTC |
b3ea7dd | Jeff King | 05 October 2017, 05:59:52 UTC | sha1_loose_object_info: handle errors from unpack_sha1_rest When a caller of sha1_object_info_extended() sets the "contentp" field in object_info, we call unpack_sha1_rest() but do not check whether it signaled an error. This causes two problems: 1. We pass back NULL to the caller via the contentp field, but the function returns "0" for success. A caller might reasonably expect after a successful return that it can access contentp without a NULL check and segfault. As it happens, this is impossible to trigger in the current code. There is exactly one caller which uses contentp, read_object(). And the only thing it does after a successful call is to return the content pointer to its caller, using NULL as a sentinel for errors. So in effect it converts the success code from sha1_object_info_extended() back into an error! But this is still worth addressing avoid problems for future users of "contentp". 2. Callers of unpack_sha1_rest() are expected to close the zlib stream themselves on error. Which means that we're leaking the stream. The problem in (1) comes from from c84a1f3ed4 (sha1_file: refactor read_object, 2017-06-21), which added the contentp field. Before that, we called unpack_sha1_rest() via unpack_sha1_file(), which directly used the NULL to signal an error. But note that the leak in (2) is actually older than that. The original unpack_sha1_file() directly returned the result of unpack_sha1_rest() to its caller, when it should have been closing the zlib stream itself on error. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 06 October 2017, 04:04:41 UTC |
99b7b68 | René Scharfe | 05 October 2017, 19:41:31 UTC | .mailmap: normalize name for René Scharfe Reported-by: Johannes Schindelin <johannes.schindelin@gmx.de> Reported-by: Stefan Beller <sbeller@google.com> Signed-off-by: Rene Scharfe <l.s.r@web.de> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 06 October 2017, 02:31:41 UTC |
2720f6d | René Scharfe | 05 October 2017, 19:41:26 UTC | fsck: handle NULL return of lookup_blob() and lookup_tree() lookup_blob() and lookup_tree() can return NULL if they find an object of an unexpected type. Accessing the object member is undefined in that case. Cast the result to a struct object pointer instead; we can do that because object is the first member of all object types. This trick is already used in other places in the code. An error message is already shown by object_as_type(), which is called by the lookup functions. The walk callback functions are expected to handle NULL object pointers passed to them, but put_object_name() needs a valid object, so avoid calling it without one. Suggested-by: SZEDER Gábor <szeder.dev@gmail.com> Helped-by: Junio C Hamano <gitster@pobox.com> Signed-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 06 October 2017, 02:04:34 UTC |
bea4dbe | Taylor Blau | 02 October 2017, 16:10:34 UTC | ref-filter.c: pass empty-string as NULL to atom parsers Peff points out that different atom parsers handle the empty "sub-argument" list differently. An example of this is the format "%(refname:)". Since callers often use `string_list_split` (which splits the empty string with any delimiter as a 1-ary string_list containing the empty string), this makes handling empty sub-argument strings non-ergonomic. Let's fix this by declaring that atom parser implementations must not care about distinguishing between the empty string "%(refname:)" and no sub-arguments "%(refname)". Current code aborts, either with "unrecognised arg" (e.g. "refname:") or "does not take args" (e.g. "body:") as an error message. Signed-off-by: Taylor Blau <me@ttaylorr.com> Reviewed-by: Jeff King <peff@peff.net> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 05 October 2017, 01:41:57 UTC |
e022215 | Jonathan Nieder | 04 October 2017, 02:39:54 UTC | strbuf doc: reuse after strbuf_release is fine strbuf_release leaves the strbuf in a valid, initialized state, so there is no need to call strbuf_init after it. Moreover, this is not likely to change in the future: strbuf_release leaving the strbuf in a valid state has been easy to maintain and has been very helpful for Git's robustness and simplicity (e.g., preventing use-after-free vulnerabilities). Document the semantics so the next generation of Git developers can become familiar with them without reading the implementation. It is still not advisable to call strbuf_release too often because it is wasteful, so add a note pointing to strbuf_reset for that. The same semantics apply to strbuf_detach. Add a similar note to its docstring to make that clear. Improved-by: Jeff King <peff@peff.net> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 04 October 2017, 06:21:52 UTC |
a9155c5 | Stefan Beller | 03 October 2017, 22:17:40 UTC | branch: reset instead of release a strbuf Our documentation advises to not re-use a strbuf, after strbuf_release has been called on it. Use the proper reset instead. Currently 'strbuf_release' releases and re-initializes the strbuf, so it is safe, but slow. 'strbuf_reset' only resets the internal length variable, such that this could also be accounted for as a micro-optimization. Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Stefan Beller <sbeller@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 04 October 2017, 06:21:31 UTC |
2944a94 | Johannes Sixt | 03 October 2017, 20:24:57 UTC | sub-process: use child_process.args instead of child_process.argv Currently the argv is only allocated on the stack, and then assigned to process->argv. When the start_subprocess function goes out of scope, the local argv variable is eliminated from the stack, but the pointer is still kept around in process->argv. Much later when we try to access the same process->argv in finish_command, this leads us to access a memory location that no longer contains what we want. As argv0 is only used for printing errors, this is not easily noticed in normal git operations. However when running t0021-conversion.sh through valgrind, valgrind rightfully complains: ==21024== Invalid read of size 8 ==21024== at 0x2ACF64: finish_command (run-command.c:869) ==21024== by 0x2D6B18: subprocess_exit_handler (sub-process.c:72) ==21024== by 0x2AB41E: cleanup_children (run-command.c:45) ==21024== by 0x2AB526: cleanup_children_on_exit (run-command.c:81) ==21024== by 0x54AD487: __run_exit_handlers (in /usr/lib/libc-2.26.so) ==21024== by 0x54AD4D9: exit (in /usr/lib/libc-2.26.so) ==21024== by 0x11A9EF: handle_builtin (git.c:550) ==21024== by 0x11ABCC: run_argv (git.c:602) ==21024== by 0x11AD8E: cmd_main (git.c:679) ==21024== by 0x1BF125: main (common-main.c:43) ==21024== Address 0x1ffeffec00 is on thread 1's stack ==21024== 1504 bytes below stack pointer ==21024== These days, the child_process structure has its own args array, and the standard way to set up its argv[] is to use that one, instead of assigning to process->argv to point at an array that is outside. Use that facility automatically fixes this issue. Reported-by: Thomas Gummerer <t.gummerer@gmail.com> Signed-off-by: Johannes Sixt <j6t@kdbg.org> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 04 October 2017, 04:58:15 UTC |
51bfb73 | Thomas Gummerer | 03 October 2017, 19:57:12 UTC | http-push: fix construction of hex value from path The get_oid_hex_from_objpath takes care of creating a oid from a pathname. It does this by memcpy'ing the first two bytes of the path to the "hex" string, then skipping the '/', and then copying the rest of the path to the "hex" string. Currently it fails to increase the pointer to the hex string, so the second memcpy invocation just mashes over what was copied in the first one, and leaves the last two bytes in the string uninitialized. This breaks valgrind in t5540, although the test passes without valgrind: ==5490== Use of uninitialised value of size 8 ==5490== at 0x13C6B5: hexval (cache.h:1238) ==5490== by 0x13C6DB: hex2chr (cache.h:1247) ==5490== by 0x13C734: get_sha1_hex (hex.c:42) ==5490== by 0x13C78E: get_oid_hex (hex.c:53) ==5490== by 0x118BDA: get_oid_hex_from_objpath (http-push.c:1023) ==5490== by 0x118C92: process_ls_object (http-push.c:1038) ==5490== by 0x118E5B: handle_remote_ls_ctx (http-push.c:1077) ==5490== by 0x118227: xml_end_tag (http-push.c:815) ==5490== by 0x50C1448: ??? (in /usr/lib/libexpat.so.1.6.6) ==5490== by 0x50C221B: ??? (in /usr/lib/libexpat.so.1.6.6) ==5490== by 0x50BFBF2: ??? (in /usr/lib/libexpat.so.1.6.6) ==5490== by 0x50C0B24: ??? (in /usr/lib/libexpat.so.1.6.6) ==5490== Uninitialised value was created by a stack allocation ==5490== at 0x118B63: get_oid_hex_from_objpath (http-push.c:1012) ==5490== Fix this by correctly incrementing the pointer to the "hex" variable, so the first two bytes are left untouched by the memcpy call, and the last two bytes are correctly initialized. Signed-off-by: Thomas Gummerer <t.gummerer@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 04 October 2017, 04:48:35 UTC |
8262715 | Jeff King | 03 October 2017, 23:30:40 UTC | path.c: fix uninitialized memory access In cleanup_path we're passing in a char array, run a memcmp on it, and run through it without ever checking if something is in the array in the first place. This can lead us to access uninitialized memory, for example in t5541-http-push-smart.sh test 7, when run under valgrind: ==4423== Conditional jump or move depends on uninitialised value(s) ==4423== at 0x242FA9: cleanup_path (path.c:35) ==4423== by 0x242FA9: mkpath (path.c:456) ==4423== by 0x256CC7: refname_match (refs.c:364) ==4423== by 0x26C181: count_refspec_match (remote.c:1015) ==4423== by 0x26C181: match_explicit_lhs (remote.c:1126) ==4423== by 0x26C181: check_push_refs (remote.c:1409) ==4423== by 0x2ABB4D: transport_push (transport.c:870) ==4423== by 0x186703: push_with_options (push.c:332) ==4423== by 0x18746D: do_push (push.c:409) ==4423== by 0x18746D: cmd_push (push.c:566) ==4423== by 0x1183E0: run_builtin (git.c:352) ==4423== by 0x11973E: handle_builtin (git.c:539) ==4423== by 0x11973E: run_argv (git.c:593) ==4423== by 0x11973E: main (git.c:698) ==4423== Uninitialised value was created by a heap allocation ==4423== at 0x4C2CD8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==4423== by 0x4C2F195: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==4423== by 0x2C196B: xrealloc (wrapper.c:137) ==4423== by 0x29A30B: strbuf_grow (strbuf.c:66) ==4423== by 0x29A30B: strbuf_vaddf (strbuf.c:277) ==4423== by 0x242F9F: mkpath (path.c:454) ==4423== by 0x256CC7: refname_match (refs.c:364) ==4423== by 0x26C181: count_refspec_match (remote.c:1015) ==4423== by 0x26C181: match_explicit_lhs (remote.c:1126) ==4423== by 0x26C181: check_push_refs (remote.c:1409) ==4423== by 0x2ABB4D: transport_push (transport.c:870) ==4423== by 0x186703: push_with_options (push.c:332) ==4423== by 0x18746D: do_push (push.c:409) ==4423== by 0x18746D: cmd_push (push.c:566) ==4423== by 0x1183E0: run_builtin (git.c:352) ==4423== by 0x11973E: handle_builtin (git.c:539) ==4423== by 0x11973E: run_argv (git.c:593) ==4423== by 0x11973E: main (git.c:698) ==4423== Avoid this by using skip_prefix(), which knows not to go beyond the end of the string. Reported-by: Thomas Gummerer <t.gummerer@gmail.com> Signed-off-by: Jeff King <peff@peff.net> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 04 October 2017, 04:47:16 UTC |
97487ea | René Scharfe | 03 October 2017, 14:36:40 UTC | test-stringlist: avoid buffer underrun when sorting nothing Check if the strbuf containing data to sort is empty before attempting to trim a trailing newline character. Signed-off-by: Rene Scharfe <l.s.r@web.de> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 04 October 2017, 04:41:49 UTC |
e66d7c3 | Ann T Ropea | 03 October 2017, 00:08:38 UTC | request-pull: capitalise "Git" to make it a proper noun Of the many ways to spell the three-letter word, the variant "Git" should be used when referring to a repository in a description; or, in general, when it is used as a proper noun. We thus change the pull-request template message so that it reads "...in the Git repository at:" Besides, this brings us in line with the documentation, see Documentation/howto/using-signed-tag-in-pull-request.txt Signed-off-by: Ann T Ropea <bedhanger@gmx.de> Acked-by: Jonathan Nieder <jrnieder@gmail.com> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 03 October 2017, 04:11:57 UTC |
0e187d7 | René Scharfe | 01 October 2017, 15:14:31 UTC | run-command: use ALLOC_ARRAY Use the macro ALLOC_ARRAY to allocate an array. This is shorter and easier, as it automatically infers the size of elements. Patch generated with Coccinelle and contrib/coccinelle/array.cocci. Signeg-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 02 October 2017, 23:42:57 UTC |
7099153 | René Scharfe | 01 October 2017, 14:45:13 UTC | tag: avoid NULL pointer arithmetic lookup_blob() etc. can return NULL if the referenced object isn't of the expected type. In theory it's wrong to reference the object member in that case. In practice it's OK because it's located at offset 0 for all types, so the pointer arithmetic (NULL + 0) is optimized out by the compiler. The issue is reported by Clang's AddressSanitizer, though. Avoid the ASan error by casting the results of the lookup functions to struct object pointers. That works fine with NULL pointers as well. We already rely on the object member being first in all object types in other places in the code. Signed-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 02 October 2017, 04:14:33 UTC |
9ca356f | René Scharfe | 01 October 2017, 15:12:08 UTC | coccinelle: remove parentheses that become unnecessary Transformations that hide multiplications can end up with an pair of parentheses that is no longer needed. E.g. with a rule like this: @@ expression E; @@ - E * 2 + double(E) ... we might get a patch like this: - x = (a + b) * 2; + x = double((a + b)); Add a pair of parentheses to the preimage side of such rules. Coccinelle will generate patches that remove them if they are present, and it will still match expressions that lack them. Signed-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 02 October 2017, 04:02:26 UTC |
61b2a1a | Randall S. Becker | 28 September 2017, 22:47:17 UTC | poll.c: always set revents, even if to zero Match what is done to pfd[i].revents when compute_revents() returns 0 to the upstream gnulib's commit d42461c3 ("poll: fixes for large fds", 2015-02-20). The revents field is set to 0, without incrementing the value rc to be returned from the function. The original code left the field to whatever random value the field was initialized to. This fixes occasional hangs in git-upload-pack on HPE NonStop. Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 29 September 2017, 09:33:22 UTC |
5e63332 | Adam Dinwoodie | 28 September 2017, 14:06:48 UTC | doc: correct command formatting Leaving spaces around the `-delimeters for commands means asciidoc fails to parse them as the start of a literal string. Remove an extraneous space that is causing a literal to not be formatted as such. Signed-off-by: Adam Dinwoodie <adam@dinwoodie.org> Acked-by: Andreas Heiduk <asheiduk@gmail.com> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 29 September 2017, 01:54:38 UTC |
0bca165 | Jeff King | 27 September 2017, 06:17:36 UTC | validate_headref: use get_oid_hex for detached HEADs If a candidate HEAD isn't a symref, we check that it contains a viable sha1. But in a post-sha1 world, we should be checking whether it has any plausible object-id. We can do that by switching to get_oid_hex(). Note that both before and after this patch, we only check for a plausible object id at the start of the file, and then call that good enough. We ignore any content _after_ the hex, so a string like: 0123456789012345678901234567890123456789 foo is accepted. Though we do put extra bytes like this into some pseudorefs (e.g., FETCH_HEAD), we don't typically do so with HEAD. We could tighten this up by using parse_oid_hex(), like: if (!parse_oid_hex(buffer, &oid, &end) && *end++ == '\n' && *end == '\0') return 0; But we're probably better to remain on the loose side. We're just checking here for a plausible-looking repository directory, so heuristics are acceptable (if we really want to be meticulous, we should use the actual ref code to parse HEAD). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 27 September 2017, 07:07:22 UTC |
7eb4b9d | Jeff King | 27 September 2017, 06:17:26 UTC | validate_headref: use skip_prefix for symref parsing Since the previous commit guarantees that our symref buffer is NUL-terminated, we can just use skip_prefix() and friends to parse it. This is shorter and saves us having to deal with magic numbers and keeping the "len" counter up to date. While we're at it, let's name the rather obscure "buf" to "refname", since that is the thing we are parsing with it. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 27 September 2017, 07:06:31 UTC |
6e68c91 | Jeff King | 27 September 2017, 06:17:23 UTC | validate_headref: NUL-terminate HEAD buffer When we are checking to see if we have a git repo, we peek into the HEAD file and see if it's a plausible symlink, symref, or detached HEAD. For the latter two, we read the contents with read_in_full(), which means they aren't NUL-terminated. The symref check is careful to respect the length we got, but the sha1 check will happily parse up to 40 bytes, even if we read fewer. E.g.,: echo 1234 >.git/HEAD git rev-parse will parse 36 uninitialized bytes from our stack buffer. This isn't a big deal in practice. Our buffer is 256 bytes, so we know we'll never read outside of it. The worst case is that the uninitialized bytes look like valid hex, and we claim a bogus HEAD file is valid. The chances of this happening randomly are quite slim, but let's be careful. One option would be to check that "len == 41" before feeding the buffer to get_sha1_hex(). But we'd like to eventually prepare for a world with variable-length hashes. Let's NUL-terminate as soon as we've read the buffer (we already even leave a spare byte to do so!). That fixes this problem without depending on the size of an object id. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 27 September 2017, 07:01:24 UTC |
93dbefb | Manav Rathi | 25 September 2017, 08:09:00 UTC | docs: improve discoverability of exclude pathspec The ability to exclude paths with a negative pathspec is not mentioned in the man pages for git grep and other commands where it might be useful. Add an example and a pointer to the pathspec glossary entry in the man page for git grep to help the user to discover this ability. Add similar pointers from the git-add and git-status man pages. Additionally, - Add a test for the behaviour when multiple exclusions are present. - Add a test for the ^ alias. - Improve name of existing test. - Improve grammar in glossary description of the exclude pathspec. Helped-by: Junio C Hamano <gitster@pobox.com> Signed-off-by: Manav Rathi <mnvrth@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 September 2017, 08:54:36 UTC |
c3342b3 | Kaartic Sivaraam | 23 September 2017, 04:56:17 UTC | doc: camelCase the config variables to improve readability References to multi-word configuration variable names in our documentation must consistently use camelCase to highlight where the word boundaries are, even though these are treated case insensitively. Fix a few places that spell them in all lowercase, which makes them harder to read. Signed-off-by: Kaartic Sivaraam <kaarticsivaraam91196@gmail.com> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 September 2017, 07:11:56 UTC |
c25d98b | Junio C Hamano | 25 September 2017, 05:34:23 UTC | merge-strategies: avoid implying that "-s theirs" exists The description of `-Xours` merge option has a parenthetical note that tells the readers that it is very different from `-s ours`, which is correct, but the description of `-Xtheirs` that follows it carelessly says "this is the opposite of `ours`", giving a false impression that the readers also need to be warned that it is very different from `-s theirs`, which in reality does not even exist. Clarify it a bit to avoid misleading readers. Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 September 2017, 05:34:23 UTC |
c8cf423 | René Scharfe | 23 September 2017, 18:04:40 UTC | mailinfo: don't decode invalid =XY quoted-printable sequences Decode =XY in quoted-printable segments only if X and Y are hexadecimal digits, otherwise just copy them. That's at least better than interpreting negative results from hexval() as a character. Reported-by: Jeff King <peff@peff.net> Signed-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 September 2017, 01:29:19 UTC |
9c03cac | Ilya Kantor | 23 September 2017, 07:53:47 UTC | userdiff: fix HTML hunk header regexp Current HTML header regexp doesn't match headers without attributes. So it fails to match <h1>...</h1>, while <h1 class="smth">...</h1> matches. Make attributes optional to fix this. The regexp is still far from perfect, but now it at least handles the common case. Signed-off-by: Ilya Kantor <iliakan@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 September 2017, 01:13:28 UTC |
c08fd63 | Jeff King | 23 September 2017, 05:55:26 UTC | doc: put literal block delimiter around table The git-read-tree manpage has a table that is meant to be shown with its spacing exactly as it is in the source. We mark it as a "literal paragraph" by indenting each line by at least one space. This renders OK with asciidoc for both the HTML and manpage versions. But there are two problems when we render it with asciidoctor. The first is that some lines mix tabs and spaces. Even if asciidoctor is correctly configured for 8-space tabs, it seems to handle this case differently, soaking up some of the initial literal-paragraph spaces and mis-aligning the table text. The second problem is that the table uses blank lines to group rows. But as blank lines separate paragraphs in asciidoc, this actually means that each chunk of the table is rendered in its own pre-formatted <div> block. This happens even with vanilla asciidoc, but there's no visible result because the literal paragraphs aren't styled in any special way. But with asciidoctor (or at least the styles used on git-scm.com), literal paragraphs are styled with a different background. This breaks the table into a visually distracting sequence of chunks. We can fix both by adding a literal-paragraph block delimiter. That turns the whole table into a single block (for both implementations) and causes asciidoctor to render the indentation as it is in the source. Reported-at: https://github.com/git/git-scm.com/issues/1023 Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 September 2017, 01:09:45 UTC |
4010f1d | Junio C Hamano | 22 September 2017, 05:51:37 UTC | Git 2.14.2 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:51:37 UTC |
cef9271 | Junio C Hamano | 22 September 2017, 05:50:02 UTC | Sync with 2.13.6 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:50:02 UTC |
42e6fde | Junio C Hamano | 22 September 2017, 05:49:24 UTC | Git 2.13.6 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:49:24 UTC |
1df0306 | Junio C Hamano | 22 September 2017, 05:48:08 UTC | Sync with 2.12.5 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:48:08 UTC |
9752ad0 | Junio C Hamano | 22 September 2017, 05:47:41 UTC | Git 2.12.5 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:47:41 UTC |
65c9d4b | Junio C Hamano | 22 September 2017, 05:45:30 UTC | Sync with 2.11.4 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:45:30 UTC |
39aaab1 | Junio C Hamano | 22 September 2017, 05:44:45 UTC | Git 2.11.4 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:44:45 UTC |
0a4986d | Junio C Hamano | 22 September 2017, 05:43:13 UTC | Sync with 2.10.5 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:43:17 UTC |
27dea46 | Junio C Hamano | 22 September 2017, 05:42:22 UTC | Git 2.10.5 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 05:42:22 UTC |
dca89d4 | Junio C Hamano | 22 September 2017, 05:34:34 UTC | Merge branch 'jk/safe-pipe-capture' into maint-2.10 | 22 September 2017, 05:34:34 UTC |
6d6e2f8 | Junio C Hamano | 22 September 2017, 05:34:34 UTC | Merge branch 'jk/cvsimport-quoting' into maint-2.10 | 22 September 2017, 05:34:34 UTC |
31add46 | Junio C Hamano | 22 September 2017, 05:34:34 UTC | Merge branch 'jc/cvsserver' into maint-2.10 | 22 September 2017, 05:34:34 UTC |
985f59c | Junio C Hamano | 22 September 2017, 05:34:34 UTC | Merge branch 'jk/git-shell-drop-cvsserver' into maint-2.10 | 22 September 2017, 05:34:34 UTC |
cc0ea7c | Jeff King | 21 September 2017, 06:21:40 UTC | cat-file: handle NULL object_context.path Commit dc944b65f1 (get_sha1_with_context: dynamically allocate oc->path, 2017-05-19) changed the rules that callers must follow for seeing if we parsed a path in the object name. The rules switched from "check if the oc.path buffer is empty" to "check if the oc.path pointer is NULL". But that commit forgot to update some sites in cat_one_file(), meaning we might dereference a NULL pointer. You can see this by making a path-aware request like --textconv without specifying --path, and giving an object name that doesn't have a path in it. Like: git cat-file --textconv HEAD which will reliably segfault. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 03:49:28 UTC |
217bb56 | Han-Wen Nienhuys | 21 September 2017, 12:43:37 UTC | submodule.h: typofix Signed-off-by: Han-Wen Nienhuys <hanwen@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 September 2017, 01:59:52 UTC |
1a6d468 | Torsten Bögershausen | 17 September 2017, 05:43:18 UTC | test-lint: echo -e (or -E) is not portable Some implementations of `echo` support the '-e' option to enable backslash interpretation of the following string. As an addition, they support '-E' to turn it off. However, none of these are portable, POSIX doesn't even mention them, and many implementations don't support them. A check for '-n' is already done in check-non-portable-shell.pl, extend it to cover '-n', '-e' or '-E'. Signed-off-by: Torsten Bögershausen <tboegi@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 21 September 2017, 01:13:47 UTC |
ac7da78 | Michael Haggerty | 20 September 2017, 05:27:05 UTC | for_each_string_list_item: avoid undefined behavior for empty list If you pass a newly initialized or newly cleared `string_list` to `for_each_string_list_item()`, then the latter does for ( item = (list)->items; /* NULL */ item < (list)->items + (list)->nr; /* NULL + 0 */ ++item) Even though this probably works almost everywhere, it is undefined behavior, and it could plausibly cause highly-optimizing compilers to misbehave. C99 section 6.5.6 paragraph 8 explains: If both the pointer operand and the result point to elements of the same array object, or one past the last element of the array object, the evaluation shall not produce an overflow; otherwise, the behavior is undefined. and (6.3.2.3.3) a null pointer does not point to anything. Guard the loop with a NULL check to make the intent crystal clear to even the most pedantic compiler. A suitably clever compiler could let the NULL check only run in the first iteration, but regardless, this overhead is likely to be dwarfed by the work to be done on each item. This problem was noticed by Coverity. [jn: using a NULL check instead of a placeholder empty list; fleshed out the commit message based on mailing list discussion] Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 20 September 2017, 05:41:08 UTC |
01e4be6 | Kaartic Sivaraam | 17 September 2017, 10:18:15 UTC | t/README: fix typo and grammatically improve a sentence Signed-off-by: Kaartic Sivaraam <kaarticsivaraam91196@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 19 September 2017, 03:02:51 UTC |
afe2fab | Junio C Hamano | 17 September 2017, 03:16:55 UTC | gc: call fscanf() with %<len>s, not %<len>c, when reading hostname Earlier in this codepath, we (ab)used "%<len>c" to read the hostname recorded in the lockfile into locking_host[HOST_NAME_MAX + 1] while substituting <len> with the actual value of HOST_NAME_MAX. This turns out to be incorrect, as it is an instruction to read exactly the specified number of bytes. Because we are trying to read at most that many bytes, we should be using "%<len>s" instead. Helped-by: A. Wilcox <awilfox@adelielinux.org> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 17 September 2017, 04:21:44 UTC |
da769d2 | Max Kirillov | 16 September 2017, 05:53:44 UTC | describe: fix matching to actually match all patterns `git describe --match` with multiple patterns matches only first pattern. If it fails, next patterns are not tried. Fix it, add test cases and update existing test which has wrong expectation. Signed-off-by: Max Kirillov <max@max630.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 17 September 2017, 01:21:12 UTC |
be94568 | Evan Zacks | 12 September 2017, 22:58:39 UTC | doc: fix minor typos (extra/duplicated words) Following are several fixes for duplicated words ("of of") and one case where an extra article ("a") slipped in. Signed-off-by: Evan Zacks <zackse@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 14 September 2017, 06:09:02 UTC |
4318094 | René Scharfe | 12 September 2017, 22:43:57 UTC | archive: don't add empty directories to archives While git doesn't track empty directories, git archive can be tricked into putting some into archives. One way is to construct an empty tree object, as t5004 does. While that is supported by the object database, it can't be represented in the index and thus it's unlikely to occur in the wild. Another way is using the literal name of a directory in an exclude pathspec -- its contents are are excluded, but the directory stub is included. That's inconsistent: exclude pathspecs containing wildcards don't leave empty directories in the archive. Yet another way is have a few levels of nested subdirectories (e.g. d1/d2/d3/file1) and ignoring the entries at the leaves (e.g. file1). The directories with the ignored content are ignored as well (e.g. d3), but their empty parents are included (e.g. d2). As empty directories are not supported by git, they should also not be written into archives. If an empty directory is really needed then it can be tracked and archived by placing an empty .gitignore file in it. There already is a mechanism in place for suppressing empty directories. When read_tree_recursive() encounters a directory excluded by a pathspec then it enters it anyway because it might contain included entries. It calls the callback function before it is able to decide if the directory is actually needed. For that reason git archive adds directories to a queue and writes entries for them only when it encounters the first child item -- but currently only if pathspecs with wildcards are used. Queue *all* directories, no matter if there even are pathspecs present. This prevents git archive from writing entries for empty directories in all cases. Suggested-by: Jeff King <peff@peff.net> Signed-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 14 September 2017, 06:08:22 UTC |
c788c54 | Thomas Gummerer | 12 September 2017, 22:59:21 UTC | refs: strip out not allowed flags from ref_transaction_update Callers are only allowed to pass certain flags into ref_transaction_update, other flags are internal to it. To prevent mistakes from the callers, strip the internal only flags out before continuing. This was noticed because of a compiler warning gcc 7.1.1 issued about passing a NULL parameter as second parameter to memcpy (through hashcpy): In file included from refs.c:5:0: refs.c: In function ‘ref_transaction_verify’: cache.h:948:2: error: argument 2 null where non-null expected [-Werror=nonnull] memcpy(sha_dst, sha_src, GIT_SHA1_RAWSZ); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from git-compat-util.h:165:0, from cache.h:4, from refs.c:5: /usr/include/string.h:43:14: note: in a call to function ‘memcpy’ declared here extern void *memcpy (void *__restrict __dest, const void *__restrict __src, ^~~~~~ The call to hascpy in ref_transaction_add_update is protected by the passed in flags, but as we only add flags there, gcc notices REF_HAVE_NEW or REF_HAVE_OLD flags could be passed in from the outside, which would potentially result in passing in NULL as second parameter to memcpy. Fix both the compiler warning, and make the interface safer for its users by stripping the internal flags out. Suggested-by: Michael Haggerty <mhagger@alum.mit.edu> Signed-off-by: Thomas Gummerer <t.gummerer@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 14 September 2017, 05:46:05 UTC |
f7a32dd | Kevin Daudt | 11 September 2017, 19:33:38 UTC | doc/for-each-ref: explicitly specify option names For count, sort and format, only the argument names were listed under OPTIONS, not the option names. Add the option names to make it clear the options exist Signed-off-by: Kevin Daudt <me@ikke.info> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 12 September 2017, 02:24:46 UTC |
3233d51 | Kevin Daudt | 11 September 2017, 19:33:37 UTC | doc/for-each-ref: consistently use '=' to between argument names and values The synopsis and description inconsistently add a '=' between the argument name and it's value. Make this consistent. Signed-off-by: Kevin Daudt <me@ikke.info> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 12 September 2017, 02:23:38 UTC |
5b4efea | Jeff King | 11 September 2017, 14:24:26 UTC | cvsimport: shell-quote variable used in backticks We run `git rev-parse` though the shell, and quote its argument only with single-quotes. This prevents most metacharacters from being a problem, but misses the obvious case when $name itself has single-quotes in it. We can fix this by applying the usual shell-quoting formula. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 12 September 2017, 02:10:22 UTC |
8d0fad0 | Jeff King | 11 September 2017, 14:24:11 UTC | archimport: use safe_pipe_capture for user input Refnames can contain shell metacharacters which need to be passed verbatim to sub-processes. Using safe_pipe_capture skips the shell entirely. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 12 September 2017, 02:08:15 UTC |
9a42c03 | Jeff King | 11 September 2017, 15:27:51 UTC | shell: drop git-cvsserver support by default The git-cvsserver script is old and largely unmaintained these days. But git-shell allows untrusted users to run it out of the box, significantly increasing its attack surface. Let's drop it from git-shell's list of internal handlers so that it cannot be run by default. This is not backwards compatible. But given the age and development activity on CVS-related parts of Git, this is likely to impact very few users, while helping many more (i.e., anybody who runs git-shell and had no intention of supporting CVS). There's no configuration mechanism in git-shell for us to add a boolean and flip it to "off". But there is a mechanism for adding custom commands, and adding CVS support here is fairly trivial. Let's document it to give guidance to anybody who really is still running cvsserver. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 12 September 2017, 02:05:58 UTC |
46203ac | Junio C Hamano | 11 September 2017, 05:45:54 UTC | cvsserver: use safe_pipe_capture for `constant commands` as well This is not strictly necessary, but it is a good code hygiene. Signed-off-by: Junio C Hamano <gitster@pobox.com> | 11 September 2017, 05:52:29 UTC |
27dd738 | joernchen | 11 September 2017, 05:45:09 UTC | cvsserver: use safe_pipe_capture instead of backticks This makes the script pass arguments that are derived from end-user input in safer way when invoking subcommands. Reported-by: joernchen <joernchen@phenoelit.de> Signed-off-by: joernchen <joernchen@phenoelit.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 11 September 2017, 05:52:29 UTC |
fce13af | Junio C Hamano | 11 September 2017, 05:44:24 UTC | cvsserver: move safe_pipe_capture() to the main package As a preparation for replacing `command` with a call to this function from outside GITCVS::updater package, move it to the main package. Signed-off-by: Junio C Hamano <gitster@pobox.com> | 11 September 2017, 05:52:29 UTC |