| f02fbc4 | Junio C Hamano | 26 February 2016, 21:45:26 UTC | Git 2.8-rc0 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 26 February 2016, 21:45:26 UTC |
| b52cb95 | Junio C Hamano | 26 February 2016, 21:37:28 UTC | Merge branch 'mm/readme-markdown' README has been renamed to README.md and its contents got tweaked slightly to make it easier on the eyes. * mm/readme-markdown: README.md: move down historical explanation about the name README.md: don't call git stupid in the title README.md: move the link to git-scm.com up README.md: add hyperlinks on filenames README: use markdown syntax | 26 February 2016, 21:37:28 UTC |
| 2e55d30 | Junio C Hamano | 26 February 2016, 21:37:28 UTC | Merge branch 'ma/update-hooks-sample-typofix' * ma/update-hooks-sample-typofix: templates/hooks: fix minor typo in the sample update-hook | 26 February 2016, 21:37:28 UTC |
| 0f0dd37 | Junio C Hamano | 26 February 2016, 21:37:27 UTC | Merge branch 'ls/makefile-cflags-developer-tweak' There is a new DEVELOPER knob that enables many compiler warning options in the Makefile. * ls/makefile-cflags-developer-tweak: add DEVELOPER makefile knob to check for acknowledged warnings | 26 February 2016, 21:37:27 UTC |
| 69616f7 | Junio C Hamano | 26 February 2016, 21:37:27 UTC | Merge branch 'dt/initial-ref-xn-commit-doc' * dt/initial-ref-xn-commit-doc: refs: document transaction semantics | 26 February 2016, 21:37:27 UTC |
| d3faba8 | Junio C Hamano | 26 February 2016, 21:37:26 UTC | Merge branch 'js/config-set-in-non-repository' "git config section.var value" to set a value in per-repository configuration file failed when it was run outside any repository, but didn't say the reason correctly. * js/config-set-in-non-repository: git config: report when trying to modify a non-existing repo config | 26 February 2016, 21:37:26 UTC |
| 8ef250c | Junio C Hamano | 26 February 2016, 21:37:26 UTC | Merge branch 'jk/epipe-in-async' Handling of errors while writing into our internal asynchronous process has been made more robust, which reduces flakiness in our tests. * jk/epipe-in-async: t5504: handle expected output from SIGPIPE death test_must_fail: report number of unexpected signal fetch-pack: ignore SIGPIPE in sideband demuxer write_or_die: handle EPIPE in async threads | 26 February 2016, 21:37:26 UTC |
| 15be621 | Junio C Hamano | 26 February 2016, 21:37:25 UTC | Merge branch 'mm/push-default-warning' Across the transition at around Git version 2.0, the user used to get a pretty loud warning when running "git push" without setting push.default configuration variable. We no longer warn, given that the transition is over long time ago. * mm/push-default-warning: push: remove "push.default is unset" warning message | 26 February 2016, 21:37:25 UTC |
| 4ce064d | Junio C Hamano | 26 February 2016, 21:37:25 UTC | Merge branch 'fa/merge-recursive-no-rename' "git merge-recursive" learned "--no-renames" option to disable its rename detection logic. * fa/merge-recursive-no-rename: t3034: test deprecated interface t3034: test option to disable renames t3034: add rename threshold tests merge-recursive: find-renames resets threshold merge-strategies.txt: fix typo merge-recursive: more consistent interface merge-recursive: option to disable renames | 26 February 2016, 21:37:25 UTC |
| 9671a76 | Junio C Hamano | 26 February 2016, 21:37:24 UTC | Merge branch 'sb/submodule-fetch-nontip' When "git submodule update" did not result in fetching the commit object in the submodule that is referenced by the superproject, the command learned to retry another fetch, specifically asking for that commit that may not be connected to the refs it usually fetches. * sb/submodule-fetch-nontip: submodule: try harder to fetch needed sha1 by direct fetching sha1 | 26 February 2016, 21:37:24 UTC |
| 03f682b | Junio C Hamano | 26 February 2016, 21:37:24 UTC | Merge branch 'sb/submodule-module-list-fix' A helper function "git submodule" uses since v2.7.0 to list the modules that match the pathspec argument given to its subcommands (e.g. "submodule add <repo> <path>") has been fixed. * sb/submodule-module-list-fix: submodule helper list: respect correct path prefix | 26 February 2016, 21:37:24 UTC |
| c6b94eb | Junio C Hamano | 26 February 2016, 21:37:23 UTC | Merge branch 'tb/conversion' Code simplification. * tb/conversion: convert.c: correct attr_action() convert.c: simplify text_stat convert.c: refactor crlf_action convert.c: use text_eol_is_crlf() convert.c: remove input_crlf_action() convert.c: remove unused parameter 'path' t0027: add tests for get_stream_filter() | 26 February 2016, 21:37:23 UTC |
| 3163363 | Junio C Hamano | 26 February 2016, 21:37:23 UTC | Merge branch 'jk/grep-binary-workaround-in-test' Recent versions of GNU grep are pickier when their input contains arbitrary binary data, which some of our tests uses. Rewrite the tests to sidestep the problem. * jk/grep-binary-workaround-in-test: t9200: avoid grep on non-ASCII data t8005: avoid grep on non-ASCII data | 26 February 2016, 21:37:23 UTC |
| c1fa85f | Junio C Hamano | 26 February 2016, 21:37:22 UTC | Merge branch 'ps/plug-xdl-merge-leak' * ps/plug-xdl-merge-leak: xdiff/xmerge: fix memory leak in xdl_merge | 26 February 2016, 21:37:22 UTC |
| 1e4c08f | Junio C Hamano | 26 February 2016, 21:37:21 UTC | Merge branch 'mm/push-simple-doc' The documentation did not clearly state that the 'simple' mode is now the default for "git push" when push.default configuration is not set. * mm/push-simple-doc: Documentation/git-push: document that 'simple' is the default | 26 February 2016, 21:37:21 UTC |
| 2a24444 | Junio C Hamano | 26 February 2016, 21:37:20 UTC | Merge branch 'jg/credential-cache-chdir-to-sockdir' The "credential-cache" daemon process used to run in whatever directory it happened to start in, but this made umount(2)ing the filesystem that houses the repository harder; now the process chdir()s to the directory that house its own socket on startup. * jg/credential-cache-chdir-to-sockdir: credential-cache--daemon: change to the socket dir on startup credential-cache--daemon: disallow relative socket path credential-cache--daemon: refactor check_socket_directory | 26 February 2016, 21:37:20 UTC |
| 225caa7 | Junio C Hamano | 26 February 2016, 21:37:19 UTC | Merge branch 'ps/config-error' Many codepaths forget to check return value from git_config_set(); the function is made to die() to make sure we do not proceed when setting a configuration variable failed. * ps/config-error: config: rename git_config_set_or_die to git_config_set config: rename git_config_set to git_config_set_gently compat: die when unable to set core.precomposeunicode sequencer: die on config error when saving replay opts init-db: die on config errors when initializing empty repo clone: die on config error in cmd_clone remote: die on config error when manipulating remotes remote: die on config error when setting/adding branches remote: die on config error when setting URL submodule--helper: die on config error when cloning module submodule: die on config error when linking modules branch: die on config error when editing branch description branch: die on config error when unsetting upstream branch: report errors in tracking branch setup config: introduce set_or_die wrappers | 26 February 2016, 21:37:19 UTC |
| 56d4e7e | Junio C Hamano | 26 February 2016, 21:37:18 UTC | Merge branch 'mg/work-tree-tests' Traditionally, the tests that try commands that work on the contents in the working tree were named with "worktree" in their filenames, but with the recent addition of "git worktree" subcommand, whose tests are also named similarly, it has become harder to tell them apart. The traditional tests have been renamed to use "work-tree" instead in an attempt to differentiate them. * mg/work-tree-tests: tests: rename work-tree tests to *work-tree* | 26 February 2016, 21:37:18 UTC |
| dd0f567 | Junio C Hamano | 26 February 2016, 21:37:17 UTC | Merge branch 'ls/config-origin' The configuration system has been taught to phrase where it found a bad configuration variable in a better way in its error messages. "git config" learnt a new "--show-origin" option to indicate where the values come from. * ls/config-origin: config: add '--show-origin' option to print the origin of a config value config: add 'origin_type' to config_source struct rename git_config_from_buf to git_config_from_mem t: do not hide Git's exit code in tests using 'nul_to_q' | 26 February 2016, 21:37:17 UTC |
| 11529ec | Junio C Hamano | 26 February 2016, 21:37:16 UTC | Merge branch 'jk/tighten-alloc' Update various codepaths to avoid manually-counted malloc(). * jk/tighten-alloc: (22 commits) ewah: convert to REALLOC_ARRAY, etc convert ewah/bitmap code to use xmalloc diff_populate_gitlink: use a strbuf transport_anonymize_url: use xstrfmt git-compat-util: drop mempcpy compat code sequencer: simplify memory allocation of get_message test-path-utils: fix normalize_path_copy output buffer size fetch-pack: simplify add_sought_entry fast-import: simplify allocation in start_packfile write_untracked_extension: use FLEX_ALLOC helper prepare_{git,shell}_cmd: use argv_array use st_add and st_mult for allocation size computation convert trivial cases to FLEX_ARRAY macros use xmallocz to avoid size arithmetic convert trivial cases to ALLOC_ARRAY convert manual allocations to argv_array argv-array: add detach function add helpers for allocating flex-array structs harden REALLOC_ARRAY and xcalloc against size_t overflow tree-diff: catch integer overflow in combine_diff_path allocation ... | 26 February 2016, 21:37:16 UTC |
| 3ed26a4 | Junio C Hamano | 26 February 2016, 21:37:15 UTC | Merge branch 'jk/more-comments-on-textconv' The memory ownership rule of fill_textconv() API, which was a bit tricky, has been documented a bit better. * jk/more-comments-on-textconv: diff: clarify textconv interface | 26 February 2016, 21:37:15 UTC |
| 18b26b1 | Junio C Hamano | 26 February 2016, 21:37:14 UTC | Merge branch 'jk/no-diff-emit-common' "git merge-tree" used to mishandle "both sides added" conflict with its own "create a fake ancestor file that has the common parts of what both sides have added and do a 3-way merge" logic; this has been updated to use the usual "3-way merge with an empty blob as the fake common ancestor file" approach used in the rest of the system. * jk/no-diff-emit-common: xdiff: drop XDL_EMIT_COMMON merge-tree: drop generate_common strategy merge-one-file: use empty blob for add/add base | 26 February 2016, 21:37:14 UTC |
| dede296 | Junio C Hamano | 26 February 2016, 21:37:13 UTC | Merge branch 'ak/git-strip-extension-from-dashed-command' Code simplification. * ak/git-strip-extension-from-dashed-command: git.c: simplify stripping extension of a file in handle_builtin() | 26 February 2016, 21:37:13 UTC |
| 7943cba | Junio C Hamano | 26 February 2016, 21:37:12 UTC | Merge branch 'ak/extract-argv0-last-dir-sep' Code simplification. * ak/extract-argv0-last-dir-sep: exec_cmd.c: use find_last_dir_sep() for code simplification | 26 February 2016, 21:37:12 UTC |
| 26f7b5c | Junio C Hamano | 26 February 2016, 21:37:10 UTC | Merge branch 'kn/ref-filter-atom-parsing' The ref-filter's format-parsing code has been refactored, in preparation for "branch --format" and friends. * kn/ref-filter-atom-parsing: ref-filter: introduce objectname_atom_parser() ref-filter: introduce contents_atom_parser() ref-filter: introduce remote_ref_atom_parser() ref-filter: align: introduce long-form syntax ref-filter: introduce align_atom_parser() ref-filter: introduce parse_align_position() ref-filter: introduce color_atom_parser() ref-filter: introduce parsing functions for each valid atom ref-filter: introduce struct used_atom ref-filter: bump 'used_atom' and related code to the top ref-filter: use string_list_split over strbuf_split | 26 February 2016, 21:37:10 UTC |
| ae2f255 | Junio C Hamano | 26 February 2016, 21:37:09 UTC | Merge branch 'tg/git-remote' The internal API to interact with "remote.*" configuration variables has been streamlined. * tg/git-remote: remote: use remote_is_configured() for add and rename remote: actually check if remote exits remote: simplify remote_is_configured() remote: use parse_config_key | 26 February 2016, 21:37:09 UTC |
| 43f3afc | Jeff King | 24 February 2016, 07:48:36 UTC | t5504: handle expected output from SIGPIPE death Commit 8bf4bec (add "ok=sigpipe" to test_must_fail and use it to fix flaky tests, 2015-11-27) taught t5504 to handle "git push" racily exiting with SIGPIPE rather than failing. However, one of the tests checks the output of the command, as well. In the SIGPIPE case, we will not have produced any output. If we want the test to be truly non-flaky, we have to accept either output. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 21:51:47 UTC |
| f3ed0b3 | Jeff King | 24 February 2016, 07:45:49 UTC | test_must_fail: report number of unexpected signal If a command is marked as test_must_fail but dies with a signal, we consider that a problem and report the error to stderr. However, we don't say _which_ signal; knowing that can make debugging easier. Let's share as much as we know. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 21:51:47 UTC |
| 9ff18fa | Jeff King | 24 February 2016, 07:44:58 UTC | fetch-pack: ignore SIGPIPE in sideband demuxer If the other side feeds us a bogus pack, index-pack (or unpack-objects) may die early, before consuming all of its input. As a result, the sideband demuxer may get SIGPIPE (racily, depending on whether our data made it into the pipe buffer or not). If this happens and we are compiled with pthread support, it will take down the main thread, too. This isn't the end of the world, as the main process will just die() anyway when it sees index-pack failed. But it does mean we don't get a chance to say "fatal: index-pack failed" or similar. And it also means that we racily fail t5504, as we sometimes die() and sometimes are killed by SIGPIPE. So let's ignore SIGPIPE while demuxing the sideband. We are already careful to check the return value of write(), so we won't waste time writing to a broken pipe. The caller will notice the error return from the async thread, though in practice we don't even get that far, as we die() as soon as we see that index-pack failed. The non-sideband case is already fine; we let index-pack read straight from the socket, so there is no SIGPIPE at all. Technically the non-threaded async case is also OK without this (the forked async process gets SIGPIPE), but it's not worth distinguishing from the threaded case here. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 21:51:47 UTC |
| 9658846 | Jeff King | 24 February 2016, 07:40:16 UTC | write_or_die: handle EPIPE in async threads When write_or_die() sees EPIPE, it treats it specially by converting it into a SIGPIPE death. We obviously cannot ignore it, as the write has failed and the caller expects us to die. But likewise, we cannot just call die(), because printing any message at all would be a nuisance during normal operations. However, this is a problem if write_or_die() is called from a thread. Our raised signal ends up killing the whole process, when logically we just need to kill the thread (after all, if we are ignoring SIGPIPE, there is good reason to think that the main thread is expecting to handle it). Inside an async thread, the die() code already does the right thing, because we use our custom die_async() routine, which calls pthread_join(). So ideally we would piggy-back on that, and simply call: die_quietly_with_code(141); or similar. But refactoring the die code to do this is surprisingly non-trivial. The die_routines themselves handle both printing and the decision of the exit code. Every one of them would have to be modified to take new parameters for the code, and to tell us to be quiet. Instead, we can just teach write_or_die() to check for the async case and handle it specially. We do have to build an interface to abstract the async exit, but it's simple and self-contained. If we had many call-sites that wanted to do this die_quietly_with_code(), this approach wouldn't scale as well, but we don't. This is the only place where do this weird exit trick. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 21:51:45 UTC |
| 658df95 | Lars Schneider | 25 February 2016, 08:42:22 UTC | add DEVELOPER makefile knob to check for acknowledged warnings We assume Git developers have a reasonably modern compiler and recommend them to enable the DEVELOPER makefile knob to ensure their patches are clear of all compiler warnings the Git core project cares about. Enable the DEVELOPER makefile knob in the Travis-CI build. Suggested-by: Jeff King <peff@peff.net> Signed-off-by: Lars Schneider <larsxschneider@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 20:49:45 UTC |
| 4938686 | David Turner | 25 February 2016, 20:05:46 UTC | refs: document transaction semantics Add some comments on ref transaction semantics to refs.h Signed-off-by: David Turner <dturner@twopensource.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 20:35:31 UTC |
| 638fa62 | Johannes Schindelin | 24 February 2016, 12:48:11 UTC | git config: report when trying to modify a non-existing repo config It is a pilot error to call `git config section.key value` outside of any Git worktree. The message error: could not lock config file .git/config: No such file or directory is not very helpful in that situation, though. Let's print a helpful message instead. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 18:52:32 UTC |
| 2f27520 | Matthieu Moy | 25 February 2016, 09:21:59 UTC | push: remove "push.default is unset" warning message The warning was important before the 2.0 transition, and remained important for a while after, so that new users get push.default explicitly in their configuration and do not experience inconsistent behavior if they ever used an older version of Git. The warning has been there since version 1.8.0 (Oct 2012), hence we can expect the vast majority of current Git users to have been exposed to it, and most of them have already set push.default explicitly. The switch from 'matching' to 'simple' was planned for 2.0 (May 2014), but actually happened only for 2.3 (Feb 2015). Today, the warning is mostly seen by beginners, who have not set their push.default configuration (yet). For many of them, the warning is confusing because it talks about concepts that they have not learned and asks them a choice that they are not able to make yet. See for example http://stackoverflow.com/questions/13148066/warning-push-default-is-unset-its-implicit-value-is-changing-in-git-2-0 (1260 votes for the question, 1824 for the answer as of writing) Remove the warning completely to avoid disturbing beginners. People who still occasionally use an older version of Git will be exposed to the warning through this old version. Eventually, versions of Git without the warning will be deployed enough and tutorials will not need to advise setting push.default anymore. Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:56:42 UTC |
| a217f07 | Matthieu Moy | 25 February 2016, 08:37:30 UTC | README.md: move down historical explanation about the name The explanations about why the name was chosen are secondary compared to the description and link to the documentation. Some consider these explanations as good computer scientists joke, but other see it as needlessly offensive vocabulary. This patch preserves the historical joke, but gives it less importance by moving it to the end of the README, and makes it clear that it is a historical explanation, that does not necessarily reflect the state of mind of current developers. Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:33:58 UTC |
| 28513c4 | Matthieu Moy | 25 February 2016, 08:37:29 UTC | README.md: don't call git stupid in the title "the stupid content tracker" was true in the early days of Git, but hardly applicable these days. "fast, scalable, distributed" describes Git more accuralety. Also, "stupid" can be seen as offensive by some people. Let's not use it in the very first words of the README. The new formulation is taken from the description of the Debian package. Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:33:58 UTC |
| d9b297d | Matthieu Moy | 25 February 2016, 08:37:28 UTC | README.md: move the link to git-scm.com up The documentation available on git-scm.com is nicely formatted. It's better to point users to it than to the source code of the documentation. Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:33:58 UTC |
| 6164972 | Matthieu Moy | 25 February 2016, 08:37:27 UTC | README.md: add hyperlinks on filenames Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:33:57 UTC |
| 4ad21f5 | Matthieu Moy | 25 February 2016, 08:37:26 UTC | README: use markdown syntax This allows repository browsers like GitHub to display the content of the file nicely formatted. Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:33:57 UTC |
| 9537f21 | Martin Amdisen | 25 February 2016, 08:10:12 UTC | templates/hooks: fix minor typo in the sample update-hook Signed-off-by: Martin Mosegaard Amdisen <martin.amdisen@praqma.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 25 February 2016, 17:32:20 UTC |
| fb43e31 | Stefan Beller | 24 February 2016, 03:32:13 UTC | submodule: try harder to fetch needed sha1 by direct fetching sha1 When reviewing a change that also updates a submodule in Gerrit, a common review practice is to download and cherry-pick the patch locally to test it. However when testing it locally, the 'git submodule update' may fail fetching the correct submodule sha1 as the corresponding commit in the submodule is not yet part of the project history, but also just a proposed change. If $sha1 was not part of the default fetch, we try to fetch the $sha1 directly. Some servers however do not support direct fetch by sha1, which leads git-fetch to fail quickly. We can fail ourselves here as the still missing sha1 would lead to a failure later in the checkout stage anyway, so failing here is as good as we can get. Helped-by: Junio C Hamano <gitster@pobox.com> Signed-off-by: Stefan Beller <sbeller@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 23:24:49 UTC |
| 44c74ec | Felipe Gonçalves Assis | 24 February 2016, 01:41:31 UTC | t3034: test deprecated interface --find-renames= and --rename-threshold= should be aliases. Signed-off-by: Felipe Gonçalves Assis <felipegassis@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 22:48:55 UTC |
| 2307211 | Felipe Gonçalves Assis | 24 February 2016, 01:41:30 UTC | t3034: test option to disable renames Signed-off-by: Felipe Gonçalves Assis <felipegassis@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 22:48:34 UTC |
| 63651e1 | Felipe Gonçalves Assis | 24 February 2016, 01:41:29 UTC | t3034: add rename threshold tests 10ae752 (merge-recursive: option to specify rename threshold, 2010-09-27) introduced this feature but did not include any tests. The tests use the new option --find-renames, which replaces the then introduced and now deprecated option --rename-threshold. Also update name and description of t3032 for consistency: "merge-recursive options" -> "merge-recursive space options" Signed-off-by: Felipe Gonçalves Assis <felipegassis@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 22:45:28 UTC |
| 2b56bb7 | Stefan Beller | 24 February 2016, 21:15:02 UTC | submodule helper list: respect correct path prefix This is a regression introduced by 74703a1e4d (submodule: rewrite `module_list` shell function in C, 2015-09-02). Add a test to ensure we list the right submodule when giving a specific pathspec. Reported-By: Caleb Jorden <cjorden@gmail.com> Signed-off-by: Stefan Beller <sbeller@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 22:33:02 UTC |
| 56f37fd | Junio C Hamano | 24 February 2016, 21:31:57 UTC | Eighth batch for 2.8 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 21:31:57 UTC |
| c3b1e8d | Junio C Hamano | 24 February 2016, 21:26:01 UTC | Merge branch 'jc/am-i-v-fix' The "v(iew)" subcommand of the interactive "git am -i" command was broken in 2.6.0 timeframe when the command was rewritten in C. * jc/am-i-v-fix: am -i: fix "v"iew pager: factor out a helper to prepare a child process to run the pager pager: lose a separate argv[] | 24 February 2016, 21:26:01 UTC |
| 595bfef | Junio C Hamano | 24 February 2016, 21:26:00 UTC | Merge branch 'nd/worktree-add-B' "git worktree add -B <branchname>" did not work. * nd/worktree-add-B: worktree add -B: do the checkout test before update branch worktree: fix "add -B" | 24 February 2016, 21:26:00 UTC |
| 5e57f9c | Junio C Hamano | 24 February 2016, 21:25:59 UTC | Merge branch 'nd/exclusion-regression-fix' Another try to add support to the ignore mechanism that lets you say "this is excluded" and then later say "oh, no, this part (that is a subset of the previous part) is not excluded". * nd/exclusion-regression-fix: dir.c: don't exclude whole dir prematurely dir.c: support marking some patterns already matched dir.c: support tracing exclude dir.c: fix match_pathname() | 24 February 2016, 21:25:59 UTC |
| e79112d | Junio C Hamano | 24 February 2016, 21:25:58 UTC | Merge branch 'ce/https-public-key-pinning' You can now set http.[<url>.]pinnedpubkey to specify the pinned public key when building with recent enough versions of libcURL. * ce/https-public-key-pinning: http: implement public key pinning | 24 February 2016, 21:25:58 UTC |
| 65ba75b | Junio C Hamano | 24 February 2016, 21:25:57 UTC | Merge branch 'bc/http-empty-auth' Some authentication methods do not need username or password, but libcurl needs some hint that it needs to perform authentication. Supplying an empty username and password string is a valid way to do so, but you can set the http.[<url>.]emptyAuth configuration variable to achieve the same, if you find it cleaner. * bc/http-empty-auth: http: add option to try authentication without username | 24 February 2016, 21:25:57 UTC |
| 97c49af | Junio C Hamano | 24 February 2016, 21:25:56 UTC | Merge branch 'sp/remote-curl-ssl-strerror' Help those who debug http(s) part of the system. * sp/remote-curl-ssl-strerror: remote-curl: include curl_errorstr on SSL setup failures | 24 February 2016, 21:25:56 UTC |
| 9831e92 | Junio C Hamano | 24 February 2016, 21:25:55 UTC | Merge branch 'jk/lose-name-path' The "name_path" API was an attempt to reduce the need to construct the full path out of a series of path components while walking a tree hierarchy, but over time made less efficient because the path needs to be flattened, e.g. to be compared with another path that is already flat. The API has been removed and its users have been rewritten to simplify the overall code complexity. * jk/lose-name-path: list-objects: pass full pathname to callbacks list-objects: drop name_path entirely list-objects: convert name_path to a strbuf show_object_with_name: simplify by using path_name() http-push: stop using name_path | 24 February 2016, 21:25:55 UTC |
| e84d5e9 | Junio C Hamano | 24 February 2016, 21:25:54 UTC | Merge branch 'ew/force-ipv4' "git fetch" and friends that make network connections can now be told to only use ipv4 (or ipv6). * ew/force-ipv4: connect & http: support -4 and -6 switches for remote operations | 24 February 2016, 21:25:54 UTC |
| 8020803 | Junio C Hamano | 24 February 2016, 21:25:53 UTC | Merge branch 'nd/git-common-dir-fix' "git rev-parse --git-common-dir" used in the worktree feature misbehaved when run from a subdirectory. * nd/git-common-dir-fix: rev-parse: take prefix into account in --git-common-dir | 24 February 2016, 21:25:53 UTC |
| e6a6a76 | Junio C Hamano | 24 February 2016, 21:25:52 UTC | Merge branch 'nd/dwim-wildcards-as-pathspecs' "git show 'HEAD:Foo[BAR]Baz'" did not interpret the argument as a rev, i.e. the object named by the the pathname with wildcard characters in a tree object. * nd/dwim-wildcards-as-pathspecs: get_sha1: don't die() on bogus search strings check_filename: tighten dwim-wildcard ambiguity checkout: reorder check_filename conditional | 24 February 2016, 21:25:52 UTC |
| 87892f6 | Felipe Gonçalves Assis | 21 February 2016, 22:59:05 UTC | merge-recursive: find-renames resets threshold Make the find-renames option follow the behaviour in git-diff, where it resets the threshold when none is given. So, for instance, "--find-renames=25 --find-renames" should result in the default threshold (50%) instead of 25%. Signed-off-by: Felipe Gonçalves Assis <felipegassis@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 24 February 2016, 18:39:02 UTC |
| 3b1442d | John Keeping | 21 February 2016, 17:32:22 UTC | t9200: avoid grep on non-ASCII data GNU grep 2.23 detects the input used in this test as binary data so it does not work for extracting lines from a file. We could add the "-a" option to force grep to treat the input as text, but not all implementations support that. Instead, use sed to extract the desired lines since it will always treat its input as text. Signed-off-by: John Keeping <john@keeping.me.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 23:03:43 UTC |
| 0be43de | John Keeping | 21 February 2016, 17:32:21 UTC | t8005: avoid grep on non-ASCII data GNU grep 2.23 detects the input used in this test as binary data so it does not work for extracting lines from a file. We could add the "-a" option to force grep to treat the input as text, but not all implementations support that. Instead, use sed to extract the desired lines since it will always treat its input as text. While touching these lines, modernize the test style to avoid hiding the exit status of "git blame" and remove a space following a redirection operator. Also swap the order of the expected and actual output files given to test_cmp; we compare expect and actual to show how actual output differs from what is expected. Signed-off-by: John Keeping <john@keeping.me.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 23:00:12 UTC |
| 6e61449 | Jon Griffiths | 23 February 2016, 07:16:04 UTC | credential-cache--daemon: change to the socket dir on startup Changing to the socket path stops the daemon holding open the directory the user was in when it was started, preventing umount from working. We're already holding open a socket in that directory, so there's no downside. Thanks-to: Jeff King <peff@peff.net> Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 22:48:03 UTC |
| f6b1fb3 | Matthieu Moy | 23 February 2016, 21:04:41 UTC | Documentation/git-push: document that 'simple' is the default The default behavior is well documented already in git-config(1), but git-push(1) itself did not mention it at all. For users willing to learn how "git push" works but not how to configure it, this makes the documentation cumbersome to read. Make the git-push(1) page self-contained by adding a short summary of what 'push.default=simple' does, early in the page. Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 21:35:10 UTC |
| 4867f11 | Patrick Steinhardt | 23 February 2016, 11:59:17 UTC | xdiff/xmerge: fix memory leak in xdl_merge When building the script for the second file that is to be merged we have already allocated memory for data structures related to the first file. When we encounter an error in building the second script we only free allocated memory related to the second file before erroring out. Fix this memory leak by also releasing allocated memory related to the first file. Helped-by: Johannes Schindelin <Johannes.Schindelin@gmx.de> Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 20:58:26 UTC |
| bd93b8d | Jon Griffiths | 23 February 2016, 07:15:41 UTC | credential-cache--daemon: disallow relative socket path Relative socket paths are dangerous since the user cannot generally control when the daemon starts (initially, after a timeout, kill or crash). Since the daemon creates but does not delete the socket directory, this could lead to spurious directory creation relative to the users cwd. Suggested-by: Jeff King <peff@peff.net> Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 20:56:27 UTC |
| a6e5e28 | Jon Griffiths | 23 February 2016, 07:15:15 UTC | credential-cache--daemon: refactor check_socket_directory This function does an early return, and therefore has to repeat its cleanup. We can stick the later bit of the function into an "else" and avoid duplicating the shared part (which will get bigger in a future patch). Let's also rename the function to init_socket_directory. It not only checks the directory but also creates it. Saying "init" is more accurate. Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 20:56:26 UTC |
| 7c0da37 | Eric Wong | 23 February 2016, 06:26:59 UTC | tests: remove no-op full-svn-test target git-svn has not supported GIT_SVN_NO_OPTIMIZE_COMMITS for the "set-tree" sub-command in 9 years since commit 490f49ea5899 ("git-svn: remove optimized commit stuff for set-tree"). So remove this target and TSVN variable to avoid confusion. ref: http://mid.gmane.org/56C9B7B7.7030406@f2.dion.ne.jp Helped-by: Kazutoshi Satoda <k_satoda@f2.dion.ne.jp> Signed-off-by: Eric Wong <normalperson@yhbt.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 20:55:03 UTC |
| 817a0c7 | Torsten Bögershausen | 23 February 2016, 17:07:19 UTC | convert.c: correct attr_action() df747b81 (convert.c: refactor crlf_action, 2016-02-10) introduced a bug to "git ls-files --eol". The "text" attribute was shown as "text eol=lf" or "text eol=crlf", depending on core.autocrlf or core.eol. Correct this and add test cases in t0027. Signed-off-by: Torsten Bögershausen <tboegi@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 20:53:15 UTC |
| 907681e | Jeff King | 23 February 2016, 06:07:25 UTC | xdiff: drop XDL_EMIT_COMMON There are no more callers that use this mode, and none likely to be added (as our xdl_merge() eliminates the common use of it for generating 3-way merge bases). This is effectively a revert of a9ed376 (xdiff: generate "anti-diffs" aka what is common to two files, 2006-06-28), though of course trying to revert that ancient commit directly produces many textual conflicts. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 06:36:09 UTC |
| b779b3a | Jeff King | 23 February 2016, 06:06:55 UTC | merge-tree: drop generate_common strategy When merge_blobs sees an add/add conflict, it tries to create a virtual base object for the 3-way merge that consists of the common lines of each file. It inherited this strategy from merge-one-file in 0c79938 (Improved three-way blob merging code, 2006-06-28), and the point is to minimize the size of the conflict hunks. That commit talks about "if libxdiff were to ever grow a compatible three-way merge, it could probably be directly plugged in". That has long since happened. So as with merge-one-file in the previous commit, this extra step is no longer necessary. Our 3-way merge code is smart enough to do the minimizing itself if we simply feed it an empty base, which is what the more modern merge-recursive strategy already does. Not only does this let us drop some code, but it removes an overflow bug in generate_common_file(). We allocate a buffer as large as the smallest of the two blobs, under the assumption that there cannot be more common content than what is in the smaller blob. However, xdiff may feed us more: if neither file ends in a newline, it feeds us the "\nNo newline at end of file" marker as common content, and we write it into the output. If the differences between the files are small than that string, we overflow the output buffer. This patch solves it by simply dropping the buggy code entirely. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 06:36:07 UTC |
| 1a92e53 | Jeff King | 23 February 2016, 06:04:41 UTC | merge-one-file: use empty blob for add/add base When we see an add/add conflict on a file, we generate the conflicted content by doing a 3-way merge with a "virtual" base consisting of the common lines of the two sides. This strategy dates back to cb93c19 (merge-one-file: use common as base, instead of emptiness., 2005-11-09). Back then, the next step was to call rcs merge to generate the 3-way conflicts. Using the virtual base produced much better results, as rcs merge does not attempt to minimize the hunks. As a result, you'd get a conflict with the entirety of the files on either side. Since then, though, we've switched to using git-merge-file, which uses xdiff's "zealous" merge. This will find the minimal hunks even with just the simple, empty base. Let's switch to using that empty base. It's simpler, more efficient, and reduces our dependencies (we no longer need a working diff binary). It's also how the merge-recursive strategy handles this same case. We can almost get rid of git-sh-setup's create_virtual_base, but we don't here, for two reasons: 1. The functions in git-sh-setup are part of our public interface, so it's possible somebody is depending on it. We'd at least need to deprecate it first. 2. It's also used by mergetool's p4merge driver. It's unknown whether its 3-way merge is as capable as git's; if not, then it is benefiting from the function. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 23 February 2016, 06:36:05 UTC |
| 08c95df | Jeff King | 22 February 2016, 22:45:15 UTC | ewah: convert to REALLOC_ARRAY, etc Now that we're built around xmalloc and friends, we can use helpers like REALLOC_ARRAY, ALLOC_GROW, and so on to make the code shorter and protect against integer overflow. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| fb7dbf3 | Jeff King | 22 February 2016, 22:45:12 UTC | convert ewah/bitmap code to use xmalloc This code was originally written with the idea that it could be spun off into its own ewah library, and uses the overrideable ewah_malloc to do allocations. We plug in xmalloc as our ewah_malloc, of course. But over the years the ewah code itself has become more entangled with git, and the return value of many ewah_malloc sites is not checked. Let's just drop the level of indirection and use xmalloc and friends directly. This saves a few lines, and will let us adapt these sites to our more advanced malloc helpers. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| b1ddfb9 | Jeff King | 22 February 2016, 22:45:08 UTC | diff_populate_gitlink: use a strbuf We allocate 100 bytes to hold the "Submodule commit ..." text. This is enough, but it's not immediately obvious that this is the case, and we have to repeat the magic 100 twice. We could get away with xstrfmt here, but we want to know the size, as well, so let's use a real strbuf. And while we're here, we can clean up the logic around size_only. It currently sets and clears the "data" field pointlessly, and leaves the "should_free" flag on even after we have cleared the data. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 21f9d0f | Jeff King | 22 February 2016, 22:45:05 UTC | transport_anonymize_url: use xstrfmt This function uses xcalloc and two memcpy calls to concatenate two strings. We can do this as an xstrfmt one-liner, and then it is more clear that we are allocating the correct amount of memory. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 7eb45b5 | Jeff King | 22 February 2016, 22:45:01 UTC | git-compat-util: drop mempcpy compat code There are no callers of this left, as the last one was dropped in the previous patch. And there are not likely to be new ones, as the function has been around since 2010 without gaining any new callers. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 7b35eaf | Jeff King | 22 February 2016, 22:44:57 UTC | sequencer: simplify memory allocation of get_message For a commit with sha1 "1234abcd" and subject "foo", this function produces a struct with three strings: 1. "foo" 2. "1234abcd... foo" 3. "parent of 1234abcd... foo" It takes advantage of the fact that these strings are subsets of each other, and allocates only _one_ string, with pointers into the various parts. Unfortunately, this makes the string allocation complicated and hard to follow. Since we keep only one of these in memory at a time, we can afford to simply allocate three strings. This lets us build on tools like xstrfmt and avoid manual computation. While we're here, we can also drop the ad-hoc reimplementation of get_git_commit_encoding(), and simply call that function. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 62f1751 | Jeff King | 22 February 2016, 22:44:54 UTC | test-path-utils: fix normalize_path_copy output buffer size The normalize_path_copy function needs an output buffer that is at least as long as its input (it may shrink the path, but never expand it). However, this test program feeds it static PATH_MAX-sized buffers, which have no relation to the input size. In the normalize_ceiling_entry case, we do at least check the size against PATH_MAX and die(), but that case is even more convoluted. We normalize into a fixed-size buffer, free the original, and then replace it with a strdup'd copy of the result. But normalize_path_copy explicitly allows normalizing in-place, so we can simply do that. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 5545f05 | Jeff King | 22 February 2016, 22:44:50 UTC | fetch-pack: simplify add_sought_entry We have two variants of this function, one that takes a string and one that takes a ptr/len combo. But we only call the latter with the length of a NUL-terminated string, so our first simplification is to drop it in favor of the string variant. Since we know we have a string, we can also replace the manual memory computation with a call to alloc_ref(). Furthermore, we can rely on get_oid_hex() to complain if it hits the end of the string. That means we can simplify the check for "<sha1> <ref>" versus just "<ref>". Rather than manage the ptr/len pair, we can just bump the start of our string forward. The original code over-allocated based on the original "namelen" (which wasn't _wrong_, but was simply wasteful and confusing). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| a78c188 | Jeff King | 22 February 2016, 22:44:46 UTC | fast-import: simplify allocation in start_packfile This function allocate a packed_git flex-array, and adds a mysterious 2 bytes to the length of the pack_name field. One is for the trailing NUL, but the other has no purpose. This is probably cargo-culted from add_packed_git, which gets the ".idx" path and needed to allocate enough space to hold the matching ".pack" (though since 48bcc1c, we calculate the size there differently). This site, however, is using the raw path of a tempfile, and does not need the extra byte. We can just replace the allocation with FLEX_ALLOC_STR, which handles the allocation and the NUL for us. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| e0b8373 | Jeff King | 22 February 2016, 22:44:42 UTC | write_untracked_extension: use FLEX_ALLOC helper We perform unchecked additions when computing the size of a "struct ondisk_untracked_cache". This is unlikely to have an integer overflow in practice, but we'd like to avoid this dangerous pattern to make further audits easier. Note that there's one subtlety here, though. We protect ourselves against a NULL exclude_per_dir entry in our source, and avoid calling strlen() on it, keeping "len" at 0. But later, we unconditionally memcpy "len + 1" bytes to get the trailing NUL byte. If we did have a NULL exclude_per_dir, we would read from bogus memory. As it turns out, though, we always create this field pointing to a string literal, so there's no bug. We can just get rid of the pointless extra conditional. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 20574f5 | Jeff King | 22 February 2016, 22:44:39 UTC | prepare_{git,shell}_cmd: use argv_array These functions transform an existing argv into one suitable for exec-ing or spawning via git or a shell. We can use an argv_array in each to avoid dealing with manual counting and allocation. This also makes the memory allocation more clear and fixes some leaks. In prepare_shell_cmd, we would sometimes allocate a new string with "$@" in it and sometimes not, meaning the caller could not correctly free it. On the non-Windows side, we are in a child process which will exec() or exit() immediately, so the leak isn't a big deal. On Windows, though, we use spawn() from the parent process, and leak a string for each shell command we run. On top of that, the Windows code did not free the allocated argv array at all (but does for the prepare_git_cmd case!). By switching both of these functions to write into an argv_array, we can consistently free the result as appropriate. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 50a6c8e | Jeff King | 22 February 2016, 22:44:35 UTC | use st_add and st_mult for allocation size computation If our size computation overflows size_t, we may allocate a much smaller buffer than we expected and overflow it. It's probably impossible to trigger an overflow in most of these sites in practice, but it is easy enough convert their additions and multiplications into overflow-checking variants. This may be fixing real bugs, and it makes auditing the code easier. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 96ffc06 | Jeff King | 22 February 2016, 22:44:32 UTC | convert trivial cases to FLEX_ARRAY macros Using FLEX_ARRAY macros reduces the amount of manual computation size we have to do. It also ensures we don't overflow size_t, and it makes sure we write the same number of bytes that we allocated. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 3733e69 | Jeff King | 22 February 2016, 22:44:28 UTC | use xmallocz to avoid size arithmetic We frequently allocate strings as xmalloc(len + 1), where the extra 1 is for the NUL terminator. This can be done more simply with xmallocz, which also checks for integer overflow. There's no case where switching xmalloc(n+1) to xmallocz(n) is wrong; the result is the same length, and malloc made no guarantees about what was in the buffer anyway. But in some cases, we can stop manually placing NUL at the end of the allocated buffer. But that's only safe if it's clear that the contents will always fill the buffer. In each case where this patch does so, I manually examined the control flow, and I tried to err on the side of caution. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| b32fa95 | Jeff King | 22 February 2016, 22:44:25 UTC | convert trivial cases to ALLOC_ARRAY Each of these cases can be converted to use ALLOC_ARRAY or REALLOC_ARRAY, which has two advantages: 1. It automatically checks the array-size multiplication for overflow. 2. It always uses sizeof(*array) for the element-size, so that it can never go out of sync with the declared type of the array. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:51:09 UTC |
| 850d2fe | Jeff King | 22 February 2016, 22:44:21 UTC | convert manual allocations to argv_array There are many manual argv allocations that predate the argv_array API. Switching to that API brings a few advantages: 1. We no longer have to manually compute the correct final array size (so it's one less thing we can screw up). 2. In many cases we had to make a separate pass to count, then allocate, then fill in the array. Now we can do it in one pass, making the code shorter and easier to follow. 3. argv_array handles memory ownership for us, making it more obvious when things should be free()d and and when not. Most of these cases are pretty straightforward. In some, we switch from "run_command_v" to "run_command" which lets us directly use the argv_array embedded in "struct child_process". Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:50:32 UTC |
| b992657 | Jeff King | 22 February 2016, 22:44:15 UTC | argv-array: add detach function The usual pattern for an argv array is to initialize it, push in some strings, and then clear it when done. Very occasionally, though, we must do other exotic things with the memory, like freeing the list but keeping the strings. Let's provide a detach function so that callers can make use of our API to build up the array, and then take ownership of it. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:50:32 UTC |
| 3689539 | Jeff King | 22 February 2016, 22:43:25 UTC | add helpers for allocating flex-array structs Allocating a struct with a flex array is pretty simple in practice: you over-allocate the struct, then copy some data into the over-allocation. But it can be a slight pain to make sure you're allocating and copying the right amounts. This patch adds a few helpers to turn simple cases of flex-array struct allocation into a one-liner that properly checks for overflow. See the embedded documentation for details. Ideally we could provide a more flexible version that could handle multiple strings, like: FLEX_ALLOC_FMT(ref, name, "%s%s", prefix, name); But we have to implement this as a macro (because of the offset calculation of the flex member), which means we would need all compilers to support variadic macros. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:50:32 UTC |
| e7792a7 | Jeff King | 22 February 2016, 22:43:18 UTC | harden REALLOC_ARRAY and xcalloc against size_t overflow REALLOC_ARRAY inherently involves a multiplication which can overflow size_t, resulting in a much smaller buffer than we think we've allocated. We can easily harden it by using st_mult() to check for overflow. Likewise, we can add ALLOC_ARRAY to do the same thing for xmalloc calls. xcalloc() should already be fine, because it takes the two factors separately, assuming the system calloc actually checks for overflow. However, before we even hit the system calloc(), we do our memory_limit_check, which involves a multiplication. Let's check for overflow ourselves so that this limit cannot be bypassed. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 22:50:32 UTC |
| 70bd996 | Junio C Hamano | 22 February 2016, 21:16:12 UTC | Sync with 2.7.2 | 22 February 2016, 21:16:12 UTC |
| 4091558 | Junio C Hamano | 22 February 2016, 21:15:01 UTC | Merge branch 'js/git-remote-add-url-insteadof-test' * js/git-remote-add-url-insteadof-test: t5505: 'remote add x y' should work when url.y.insteadOf = x | 22 February 2016, 21:15:01 UTC |
| 895f20d | Junio C Hamano | 22 February 2016, 21:14:48 UTC | Merge branch 'jk/config-include' * jk/config-include: git-config: better document default behavior for `--include` | 22 February 2016, 21:14:48 UTC |
| d7145ef | Junio C Hamano | 22 February 2016, 21:14:33 UTC | Merge branch 'ew/connect-verbose' * ew/connect-verbose: t5570: add tests for "git {clone,fetch,pull} -v" | 22 February 2016, 21:14:33 UTC |
| 326e5bc | Junio C Hamano | 22 February 2016, 21:12:56 UTC | Git 2.7.2 Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 21:12:56 UTC |
| 2bbea5c | Junio C Hamano | 22 February 2016, 21:10:21 UTC | Merge branch 'nd/ita-cleanup' into maint Paths that have been told the index about with "add -N" are not quite yet in the index, but a few commands behaved as if they already are in a harmful way. * nd/ita-cleanup: grep: make it clear i-t-a entries are ignored add and use a convenience macro ce_intent_to_add() blame: remove obsolete comment | 22 February 2016, 21:10:21 UTC |
| 47847c7 | Junio C Hamano | 22 February 2016, 21:10:20 UTC | Merge branch 'pw/completion-stash' into maint * pw/completion-stash: completion: fix mis-indentation in _git_stash() | 22 February 2016, 21:10:20 UTC |
| 924459c | Junio C Hamano | 22 February 2016, 21:10:20 UTC | Merge branch 'mm/clean-doc-fix' into maint The documentation for "git clean" has been corrected; it mentioned that .git/modules/* are removed by giving two "-f", which has never been the case. * mm/clean-doc-fix: Documentation/git-clean.txt: don't mention deletion of .git/modules/* | 22 February 2016, 21:10:20 UTC |
| 2263a05 | Junio C Hamano | 22 February 2016, 21:10:19 UTC | Merge branch 'dw/mergetool-vim-window-shuffle' into maint The vimdiff backend for "git mergetool" has been tweaked to arrange and number buffers in the order that would match the expectation of majority of people who read left to right, then top down and assign buffers 1 2 3 4 "mentally" to local base remote merge windows based on that order. * dw/mergetool-vim-window-shuffle: mergetool: reorder vim/gvim buffers in three-way diffs | 22 February 2016, 21:10:20 UTC |
| fa7b63d | Junio C Hamano | 22 February 2016, 21:10:19 UTC | Merge branch 'ah/stripspace-optstring' into maint * ah/stripspace-optstring: stripspace: call U+0020 a "space" instead of a "blank" | 22 February 2016, 21:10:19 UTC |
| 83837ec | Felipe Gonçalves Assis | 21 February 2016, 22:59:01 UTC | merge-strategies.txt: fix typo Signed-off-by: Felipe Gonçalves Assis <felipegassis@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 18:42:52 UTC |
| a64e6a4 | Jeff King | 22 February 2016, 18:28:54 UTC | diff: clarify textconv interface The memory allocation scheme for the textconv interface is a bit tricky, and not well documented. It was originally designed as an internal part of diff.c (matching fill_mmfile), but gradually was made public. Refactoring it is difficult, but we can at least improve the situation by documenting the intended flow and enforcing it with an in-code assertion. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com> | 22 February 2016, 18:40:35 UTC |
