diff options
60 files changed, 1101 insertions, 175 deletions
diff --git a/Documentation/CodingGuidelines b/Documentation/CodingGuidelines index 894546dd7..0f8cccf52 100644 --- a/Documentation/CodingGuidelines +++ b/Documentation/CodingGuidelines @@ -413,6 +413,29 @@ Error Messages - Say what the error is first ("cannot open %s", not "%s: cannot open") +Externally Visible Names + + - For configuration variable names, follow the existing convention: + + . The section name indicates the affected subsystem. + + . The subsection name, if any, indicates which of an unbounded set + of things to set the value for. + + . The variable name describes the effect of tweaking this knob. + + The section and variable names that consist of multiple words are + formed by concatenating the words without punctuations (e.g. `-`), + and are broken using bumpyCaps in documentation as a hint to the + reader. + + When choosing the variable namespace, do not use variable name for + specifying possibly unbounded set of things, most notably anything + an end user can freely come up with (e.g. branch names). Instead, + use subsection names or variable values, like the existing variable + branch.<name>.description does. + + Writing Documentation: Most (if not all) of the documentation pages are written in the diff --git a/Documentation/RelNotes/2.3.2.txt b/Documentation/RelNotes/2.3.2.txt new file mode 100644 index 000000000..f4caf5492 --- /dev/null +++ b/Documentation/RelNotes/2.3.2.txt @@ -0,0 +1,79 @@ +Git v2.3.2 Release Notes +======================== + +Fixes since v2.3.1 +------------------ + + * "update-index --refresh" used to leak when an entry cannot be + refreshed for whatever reason. + + * "git fast-import" used to crash when it could not close and + conclude the resulting packfile cleanly. + + * "git blame" died, trying to free an uninitialized piece of memory. + + * "git merge-file" did not work correctly in a subdirectory. + + * "git submodule add" failed to squash "path/to/././submodule" to + "path/to/submodule". + + * In v2.2.0, we broke "git prune" that runs in a repository that + borrows from an alternate object store. + + * Certain older vintages of cURL give irregular output from + "curl-config --vernum", which confused our build system. + + * An earlier workaround to squelch unhelpful deprecation warnings + from the complier on Mac OSX unnecessarily set minimum required + version of the OS, which the user might want to raise (or lower) + for other reasons. + + * Longstanding configuration variable naming rules has been added to + the documentation. + + * The credential helper for Windows (in contrib/) used to mishandle + a user name with an at-sign in it. + + * Older GnuPG implementations may not correctly import the keyring + material we prepare for the tests to use. + + * Clarify in the documentation that "remote.<nick>.pushURL" and + "remote.<nick>.URL" are there to name the same repository accessed + via different transports, not two separate repositories. + + * The pack bitmap support did not build with older versions of GCC. + + * Reading configuration from a blob object, when it ends with a lone + CR, use to confuse the configuration parser. + + * We didn't format an integer that wouldn't fit in "int" but in + "uintmax_t" correctly. + + * "git push --signed" gave an incorrectly worded error message when + the other side did not support the capability. + + * "git fetch" over a remote-helper that cannot respond to "list" + command could not fetch from a symbolic reference e.g. HEAD. + + * The insn sheet "git rebase -i" creates did not fully honor + core.abbrev settings. + + * The tests that wanted to see that file becomes unreadable after + running "chmod a-r file", and the tests that wanted to make sure it + is not run as root, we used "can we write into the / directory?" as + a cheap substitute, but on some platforms that is not a good + heuristics. The tests and their prerequisites have been updated to + check what they really require. + + * The configuration variable 'mailinfo.scissors' was hard to + discover in the documentation. + + * Correct a breakage to git-svn around v2.2 era that triggers + premature closing of FileHandle. + + * Even though we officially haven't dropped Perl 5.8 support, the + Getopt::Long package that came with it does not support "--no-" + prefix to negate a boolean option; manually add support to help + people with older Getopt::Long package. + +Also contains typofixes, documentation updates and trivial code clean-ups. diff --git a/Documentation/config.txt b/Documentation/config.txt index 04e2a7168..5fbe9403b 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -683,14 +683,13 @@ core.abbrev:: for abbreviated object names to stay unique for sufficiently long time. -add.ignore-errors:: add.ignoreErrors:: +add.ignore-errors (deprecated):: Tells 'git add' to continue adding files when some files cannot be added due to indexing errors. Equivalent to the '--ignore-errors' - option of linkgit:git-add[1]. Older versions of Git accept only - `add.ignore-errors`, which does not follow the usual naming - convention for configuration variables. Newer versions of Git - honor `add.ignoreErrors` as well. + option of linkgit:git-add[1]. `add.ignore-errors` is deprecated, + as it does not follow the usual naming convention for configuration + variables. alias.*:: Command aliases for the linkgit:git[1] command wrapper - e.g. @@ -1740,6 +1739,13 @@ log.mailmap:: If true, makes linkgit:git-log[1], linkgit:git-show[1], and linkgit:git-whatchanged[1] assume `--use-mailmap`. +mailinfo.scissors:: + If true, makes linkgit:git-mailinfo[1] (and therefore + linkgit:git-am[1]) act by default as if the --scissors option + was provided on the command-line. When active, this features + removes everything from the message body before a scissors + line (i.e. consisting mainly of ">8", "8<" and "-"). + mailmap.file:: The location of an augmenting mailmap file. The default mailmap, located in the root of the repository, is loaded @@ -1960,7 +1966,7 @@ pack.useBitmaps:: true. You should not generally need to turn this off unless you are debugging pack bitmaps. -pack.writebitmaps:: +pack.writebitmaps (deprecated):: This is a deprecated synonym for `repack.writeBitmaps`. pack.writeBitmapHashCache:: @@ -2297,7 +2303,7 @@ sendemail.smtpencryption:: See linkgit:git-send-email[1] for description. Note that this setting is not subject to the 'identity' mechanism. -sendemail.smtpssl:: +sendemail.smtpssl (deprecated):: Deprecated alias for 'sendemail.smtpencryption = ssl'. sendemail.smtpsslcertpath:: @@ -2337,7 +2343,7 @@ sendemail.validate:: sendemail.xmailer:: See linkgit:git-send-email[1] for description. -sendemail.signedoffcc:: +sendemail.signedoffcc (deprecated):: Deprecated alias for 'sendemail.signedoffbycc'. showbranch.default:: @@ -2402,12 +2408,16 @@ status.submodulesummary:: submodule.<name>.path:: submodule.<name>.url:: + The path within this project and URL for a submodule. These + variables are initially populated by 'git submodule init'. See + linkgit:git-submodule[1] and linkgit:gitmodules[5] for + details. + submodule.<name>.update:: - The path within this project, URL, and the updating strategy - for a submodule. These variables are initially populated - by 'git submodule init'; edit them to override the - URL and other values found in the `.gitmodules` file. See - linkgit:git-submodule[1] and linkgit:gitmodules[5] for details. + The default update procedure for a submodule. This variable + is populated by `git submodule init` from the + linkgit:gitmodules[5] file. See description of 'update' + command in linkgit:git-submodule[1]. submodule.<name>.branch:: The remote branch name for a submodule, used by `git submodule diff --git a/Documentation/git-am.txt b/Documentation/git-am.txt index f4eea28dc..0d8ba48f7 100644 --- a/Documentation/git-am.txt +++ b/Documentation/git-am.txt @@ -52,7 +52,8 @@ OPTIONS -c:: --scissors:: Remove everything in body before a scissors line (see - linkgit:git-mailinfo[1]). + linkgit:git-mailinfo[1]). Can be activated by default using + the `mailinfo.scissors` configuration variable. --no-scissors:: Ignore scissors lines (see linkgit:git-mailinfo[1]). diff --git a/Documentation/git-apply.txt b/Documentation/git-apply.txt index f60532794..9489664cf 100644 --- a/Documentation/git-apply.txt +++ b/Documentation/git-apply.txt @@ -16,7 +16,7 @@ SYNOPSIS [--ignore-space-change | --ignore-whitespace ] [--whitespace=(nowarn|warn|fix|error|error-all)] [--exclude=<path>] [--include=<path>] [--directory=<root>] - [--verbose] [<patch>...] + [--verbose] [--unsafe-paths] [<patch>...] DESCRIPTION ----------- @@ -229,6 +229,16 @@ For example, a patch that talks about updating `a/git-gui.sh` to `b/git-gui.sh` can be applied to the file in the working tree `modules/git-gui/git-gui.sh` by running `git apply --directory=modules/git-gui`. +--unsafe-paths:: + By default, a patch that affects outside the working area + (either a Git controlled working tree, or the current working + directory when "git apply" is used as a replacement of GNU + patch) is rejected as a mistake (or a mischief). ++ +When `git apply` is used as a "better GNU patch", the user can pass +the `--unsafe-paths` option to override this safety check. This option +has no effect when `--index` or `--cached` is in use. + Configuration ------------- diff --git a/Documentation/git-remote.txt b/Documentation/git-remote.txt index f52d20a94..4c6d6de7b 100644 --- a/Documentation/git-remote.txt +++ b/Documentation/git-remote.txt @@ -133,17 +133,25 @@ branches, adds to that list. 'set-url':: -Changes URL remote points to. Sets first URL remote points to matching +Changes URLs for the remote. Sets first URL for remote <name> that matches regex <oldurl> (first URL if no <oldurl> is given) to <newurl>. If -<oldurl> doesn't match any URL, error occurs and nothing is changed. +<oldurl> doesn't match any URL, an error occurs and nothing is changed. + With '--push', push URLs are manipulated instead of fetch URLs. + -With '--add', instead of changing some URL, new URL is added. +With '--add', instead of changing existing URLs, new URL is added. + -With '--delete', instead of changing some URL, all URLs matching -regex <url> are deleted. Trying to delete all non-push URLs is an -error. +With '--delete', instead of changing existing URLs, all URLs matching +regex <url> are deleted for remote <name>. Trying to delete all +non-push URLs is an error. ++ +Note that the push URL and the fetch URL, even though they can +be set differently, must still refer to the same place. What you +pushed to the push URL should be what you would see if you +immediately fetched from the fetch URL. If you are trying to +fetch from one place (e.g. your upstream) and push to another (e.g. +your publishing repository), use two separate remotes. + 'show':: diff --git a/Documentation/git-submodule.txt b/Documentation/git-submodule.txt index 8e6af65da..2c25916f8 100644 --- a/Documentation/git-submodule.txt +++ b/Documentation/git-submodule.txt @@ -154,27 +154,51 @@ If `--force` is specified, the submodule's work tree will be removed even if it contains local modifications. update:: - Update the registered submodules, i.e. clone missing submodules and - checkout the commit specified in the index of the containing repository. - This will make the submodules HEAD be detached unless `--rebase` or - `--merge` is specified or the key `submodule.$name.update` is set to - `rebase`, `merge` or `none`. `none` can be overridden by specifying - `--checkout`. Setting the key `submodule.$name.update` to `!command` - will cause `command` to be run. `command` can be any arbitrary shell - command that takes a single argument, namely the sha1 to update to. + +-- +Update the registered submodules to match what the superproject +expects by cloning missing submodules and updating the working tree of +the submodules. The "updating" can be done in several ways depending +on command line options and the value of `submodule.<name>.update` +configuration variable. Supported update procedures are: + + checkout;; the commit recorded in the superproject will be + checked out in the submodule on a detached HEAD. This is + done when `--checkout` option is given, or no option is + given, and `submodule.<name>.update` is unset, or if it is + set to 'checkout'. ++ +If `--force` is specified, the submodule will be checked out (using +`git checkout --force` if appropriate), even if the commit specified +in the index of the containing repository already matches the commit +checked out in the submodule. + + rebase;; the current branch of the submodule will be rebased + onto the commit recorded in the superproject. This is done + when `--rebase` option is given, or no option is given, and + `submodule.<name>.update` is set to 'rebase'. + + merge;; the commit recorded in the superproject will be merged + into the current branch in the submodule. This is done + when `--merge` option is given, or no option is given, and + `submodule.<name>.update` is set to 'merge'. + + custom command;; arbitrary shell command that takes a single + argument (the sha1 of the commit recorded in the + superproject) is executed. This is done when no option is + given, and `submodule.<name>.update` has the form of + '!command'. + +When no option is given and `submodule.<name>.update` is set to 'none', +the submodule is not updated. + If the submodule is not yet initialized, and you just want to use the setting as stored in .gitmodules, you can automatically initialize the submodule with the `--init` option. -+ + If `--recursive` is specified, this command will recurse into the registered submodules, and update any nested submodules within. -+ -If `--force` is specified, the submodule will be checked out (using -`git checkout --force` if appropriate), even if the commit specified in the -index of the containing repository already matches the commit checked out in -the submodule. - +-- summary:: Show commit summary between the given commit (defaults to HEAD) and working tree/index. For a submodule in question, a series of commits @@ -238,10 +262,12 @@ OPTIONS When running add, allow adding an otherwise ignored submodule path. When running deinit the submodule work trees will be removed even if they contain local changes. - When running update, throw away local changes in submodules when - switching to a different commit; and always run a checkout operation - in the submodule, even if the commit listed in the index of the - containing repository matches the commit checked out in the submodule. + When running update (only effective with the checkout procedure), + throw away local changes in submodules when switching to a + different commit; and always run a checkout operation in the + submodule, even if the commit listed in the index of the + containing repository matches the commit checked out in the + submodule. --cached:: This option is only valid for status and summary commands. These @@ -302,7 +328,7 @@ the submodule itself. Checkout the commit recorded in the superproject on a detached HEAD in the submodule. This is the default behavior, the main use of this option is to override `submodule.$name.update` when set to - `merge`, `rebase` or `none`. + a value other than `checkout`. If the key `submodule.$name.update` is either not explicitly set or set to `checkout`, this option is implicit. diff --git a/Documentation/git.txt b/Documentation/git.txt index b37f1abe8..52c4d2a7c 100644 --- a/Documentation/git.txt +++ b/Documentation/git.txt @@ -43,9 +43,10 @@ unreleased) version of Git, that is available from the 'master' branch of the `git.git` repository. Documentation for older releases are available here: -* link:v2.3.1/git.html[documentation for release 2.3.1] +* link:v2.3.2/git.html[documentation for release 2.3.2] * release notes for + link:RelNotes/2.3.2.txt[2.3.2], link:RelNotes/2.3.1.txt[2.3.1], link:RelNotes/2.3.0.txt[2.3]. diff --git a/Documentation/gitmodules.txt b/Documentation/gitmodules.txt index f6c0dfd02..ac70eca32 100644 --- a/Documentation/gitmodules.txt +++ b/Documentation/gitmodules.txt @@ -38,18 +38,15 @@ submodule.<name>.url:: In addition, there are a number of optional keys: submodule.<name>.update:: - Defines what to do when the submodule is updated by the superproject. - If 'checkout' (the default), the new commit specified in the - superproject will be checked out in the submodule on a detached HEAD. - If 'rebase', the current branch of the submodule will be rebased onto - the commit specified in the superproject. If 'merge', the commit - specified in the superproject will be merged into the current branch - in the submodule. - If 'none', the submodule with name `$name` will not be updated - by default. - - This config option is overridden if 'git submodule update' is given - the '--merge', '--rebase' or '--checkout' options. + Defines the default update procedure for the named submodule, + i.e. how the submodule is updated by "git submodule update" + command in the superproject. This is only used by `git + submodule init` to initialize the configuration variable of + the same name. Allowed values here are 'checkout', 'rebase', + 'merge' or 'none'. See description of 'update' command in + linkgit:git-submodule[1] for their meaning. Note that the + '!command' form is intentionally ignored here for security + reasons. submodule.<name>.branch:: A remote branch name for tracking updates in the upstream submodule. diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN index 040778897..50078659f 100755 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@ -1,7 +1,7 @@ #!/bin/sh GVF=GIT-VERSION-FILE -DEF_VER=v2.3.1 +DEF_VER=v2.3.2 LF=' ' @@ -1035,13 +1035,13 @@ else REMOTE_CURL_NAMES = $(REMOTE_CURL_PRIMARY) $(REMOTE_CURL_ALIASES) PROGRAM_OBJS += http-fetch.o PROGRAMS += $(REMOTE_CURL_NAMES) - curl_check := $(shell (echo 070908; curl-config --vernum) 2>/dev/null | sort -r | sed -ne 2p) + curl_check := $(shell (echo 070908; curl-config --vernum | sed -e '/^70[BC]/s/^/0/') 2>/dev/null | sort -r | sed -ne 2p) ifeq "$(curl_check)" "070908" ifndef NO_EXPAT PROGRAM_OBJS += http-push.o endif endif - curl_check := $(shell (echo 072200; curl-config --vernum) 2>/dev/null | sort -r | sed -ne 2p) + curl_check := $(shell (echo 072200; curl-config --vernum | sed -e '/^70[BC]/s/^/0/') 2>/dev/null | sort -r | sed -ne 2p) ifeq "$(curl_check)" "072200" USE_CURL_FOR_IMAP_SEND = YesPlease endif @@ -1 +1 @@ -Documentation/RelNotes/2.3.1.txt
\ No newline at end of file +Documentation/RelNotes/2.3.2.txt
\ No newline at end of file diff --git a/builtin/apply.c b/builtin/apply.c index c484b53f5..0ca687fa6 100644 --- a/builtin/apply.c +++ b/builtin/apply.c @@ -51,6 +51,7 @@ static int apply_verbosely; static int allow_overlap; static int no_add; static int threeway; +static int unsafe_paths; static const char *fake_ancestor; static int line_termination = '\n'; static unsigned int p_context = UINT_MAX; @@ -3221,7 +3222,7 @@ static int load_patch_target(struct strbuf *buf, const char *name, unsigned expected_mode) { - if (cached) { + if (cached || check_index) { if (read_file_or_gitlink(ce, buf)) return error(_("read of %s failed"), name); } else if (name) { @@ -3230,6 +3231,8 @@ static int load_patch_target(struct strbuf *buf, return read_file_or_gitlink(ce, buf); else return SUBMODULE_PATCH_WITHOUT_INDEX; + } else if (has_symlink_leading_path(name, strlen(name))) { + return error(_("reading from '%s' beyond a symbolic link"), name); } else { if (read_old_data(st, name, buf)) return error(_("read of %s failed"), name); @@ -3570,6 +3573,121 @@ static int check_to_create(const char *new_name, int ok_if_exists) } /* + * We need to keep track of how symlinks in the preimage are + * manipulated by the patches. A patch to add a/b/c where a/b + * is a symlink should not be allowed to affect the directory + * the symlink points at, but if the same patch removes a/b, + * it is perfectly fine, as the patch removes a/b to make room + * to create a directory a/b so that a/b/c can be created. + */ +static struct string_list symlink_changes; +#define SYMLINK_GOES_AWAY 01 +#define SYMLINK_IN_RESULT 02 + +static uintptr_t register_symlink_changes(const char *path, uintptr_t what) +{ + struct string_list_item *ent; + + ent = string_list_lookup(&symlink_changes, path); + if (!ent) { + ent = string_list_insert(&symlink_changes, path); + ent->util = (void *)0; + } + ent->util = (void *)(what | ((uintptr_t)ent->util)); + return (uintptr_t)ent->util; +} + +static uintptr_t check_symlink_changes(const char *path) +{ + struct string_list_item *ent; + + ent = string_list_lookup(&symlink_changes, path); + if (!ent) + return 0; + return (uintptr_t)ent->util; +} + +static void prepare_symlink_changes(struct patch *patch) +{ + for ( ; patch; patch = patch->next) { + if ((patch->old_name && S_ISLNK(patch->old_mode)) && + (patch->is_rename || patch->is_delete)) + /* the symlink at patch->old_name is removed */ + register_symlink_changes(patch->old_name, SYMLINK_GOES_AWAY); + + if (patch->new_name && S_ISLNK(patch->new_mode)) + /* the symlink at patch->new_name is created or remains */ + register_symlink_changes(patch->new_name, SYMLINK_IN_RESULT); + } +} + +static int path_is_beyond_symlink_1(struct strbuf *name) +{ + do { + unsigned int change; + + while (--name->len && name->buf[name->len] != '/') + ; /* scan backwards */ + if (!name->len) + break; + name->buf[name->len] = '\0'; + change = check_symlink_changes(name->buf); + if (change & SYMLINK_IN_RESULT) + return 1; + if (change & SYMLINK_GOES_AWAY) + /* + * This cannot be "return 0", because we may + * see a new one created at a higher level. + */ + continue; + + /* otherwise, check the preimage */ + if (check_index) { + struct cache_entry *ce; + + ce = cache_file_exists(name->buf, name->len, ignore_case); + if (ce && S_ISLNK(ce->ce_mode)) + return 1; + } else { + struct stat st; + if (!lstat(name->buf, &st) && S_ISLNK(st.st_mode)) + return 1; + } + } while (1); + return 0; +} + +static int path_is_beyond_symlink(const char *name_) +{ + int ret; + struct strbuf name = STRBUF_INIT; + + assert(*name_ != '\0'); + strbuf_addstr(&name, name_); + ret = path_is_beyond_symlink_1(&name); + strbuf_release(&name); + + return ret; +} + +static void die_on_unsafe_path(struct patch *patch) +{ + const char *old_name = NULL; + const char *new_name = NULL; + if (patch->is_delete) + old_name = patch->old_name; + else if (!patch->is_new && !patch->is_copy) + old_name = patch->old_name; + if (!patch->is_delete) + new_name = patch->new_name; + + if (old_name && !verify_path(old_name)) + die(_("invalid path '%s'"), old_name); + if (new_name && !verify_path(new_name)) + die(_("invalid path '%s'"), new_name); +} + +/* * Check and apply the patch in-core; leave the result in patch->result * for the caller to write it out to the final destination. */ @@ -3656,6 +3774,22 @@ static int check_patch(struct patch *patch) } } + if (!unsafe_paths) + die_on_unsafe_path(patch); + + /* + * An attempt to read from or delete a path that is beyond a + * symbolic link will be prevented by load_patch_target() that + * is called at the beginning of apply_data() so we do not + * have to worry about a patch marked with "is_delete" bit + * here. We however need to make sure that the patch result + * is not deposited to a path that is beyond a symbolic link + * here. + */ + if (!patch->is_delete && path_is_beyond_symlink(patch->new_name)) + return error(_("affected file '%s' is beyond a symbolic link"), + patch->new_name); + if (apply_data(patch, &st, ce) < 0) return error(_("%s: patch does not apply"), name); patch->rejected = 0; @@ -3666,6 +3800,7 @@ static int check_patch_list(struct patch *patch) { int err = 0; + prepare_symlink_changes(patch); prepare_fn_table(patch); while (patch) { if (apply_verbosely) @@ -4404,6 +4539,8 @@ int cmd_apply(int argc, const char **argv, const char *prefix_) N_("make sure the patch is applicable to the current index")), OPT_BOOL(0, "cached", &cached, N_("apply a patch without touching the working tree")), + OPT_BOOL(0, "unsafe-paths", &unsafe_paths, + N_("accept a patch that touches outside the working area")), OPT_BOOL(0, "apply", &force_apply, N_("also apply the patch (use with --stat/--summary/--check)")), OPT_BOOL('3', "3way", &threeway, @@ -4476,6 +4613,9 @@ int cmd_apply(int argc, const char **argv, const char *prefix_) die(_("--cached outside a repository")); check_index = 1; } + if (check_index) + unsafe_paths = 0; + for (i = 0; i < argc; i++) { const char *arg = argv[i]; int fd; diff --git a/builtin/blame.c b/builtin/blame.c index 0374fe805..2b1f9dd6c 100644 --- a/builtin/blame.c +++ b/builtin/blame.c @@ -2085,7 +2085,6 @@ static void find_alignment(struct scoreboard *sb, int *option) for (e = sb->ent; e; e = e->next) { struct origin *suspect = e->suspect; - struct commit_info ci; int num; if (compute_auto_abbrev) @@ -2096,6 +2095,7 @@ static void find_alignment(struct scoreboard *sb, int *option) if (longest_file < num) longest_file = num; if (!(suspect->commit->object.flags & METAINFO_SHOWN)) { + struct commit_info ci; suspect->commit->object.flags |= METAINFO_SHOWN; get_commit_info(suspect->commit, &ci, 1); if (*option & OUTPUT_SHOW_EMAIL) @@ -2104,6 +2104,7 @@ static void find_alignment(struct scoreboard *sb, int *option) num = utf8_strwidth(ci.author.buf); if (longest_author < num) longest_author = num; + commit_info_destroy(&ci); } num = e->s_lno + e->num_lines; if (longest_src_lines < num) @@ -2113,8 +2114,6 @@ static void find_alignment(struct scoreboard *sb, int *option) longest_dst_lines = num; if (largest_score < ent_score(sb, e)) largest_score = ent_score(sb, e); - - commit_info_destroy(&ci); } max_orig_digits = decimal_width(longest_src_lines); max_digits = decimal_width(longest_dst_lines); diff --git a/builtin/fetch.c b/builtin/fetch.c index 7b84d35d8..75a55e590 100644 --- a/builtin/fetch.c +++ b/builtin/fetch.c @@ -11,7 +11,6 @@ #include "run-command.h" #include "parse-options.h" #include "sigchain.h" -#include "transport.h" #include "submodule.h" #include "connected.h" #include "argv-array.h" diff --git a/builtin/for-each-ref.c b/builtin/for-each-ref.c index a0123f614..008513c2f 100644 --- a/builtin/for-each-ref.c +++ b/builtin/for-each-ref.c @@ -178,11 +178,10 @@ static const char *find_next(const char *cp) static int verify_format(const char *format) { const char *cp, *sp; - static const char color_reset[] = "color:reset"; need_color_reset_at_eol = 0; for (cp = format; *cp && (sp = find_next(cp)); ) { - const char *ep = strchr(sp, ')'); + const char *color, *ep = strchr(sp, ')'); int at; if (!ep) @@ -191,8 +190,8 @@ static int verify_format(const char *format) at = parse_atom(sp + 2, ep); cp = ep + 1; - if (starts_with(used_atom[at], "color:")) - need_color_reset_at_eol = !!strcmp(used_atom[at], color_reset); + if (skip_prefix(used_atom[at], "color:", &color)) + need_color_reset_at_eol = !!strcmp(color, "reset"); } return 0; } diff --git a/builtin/merge-file.c b/builtin/merge-file.c index 844f84f40..232b76857 100644 --- a/builtin/merge-file.c +++ b/builtin/merge-file.c @@ -90,7 +90,8 @@ int cmd_merge_file(int argc, const char **argv, const char *prefix) if (ret >= 0) { const char *filename = argv[0]; - FILE *f = to_stdout ? stdout : fopen(filename, "wb"); + const char *fpath = prefix_filename(prefix, prefixlen, argv[0]); + FILE *f = to_stdout ? stdout : fopen(fpath, "wb"); if (!f) ret = error("Could not open %s for writing", filename); @@ -1254,6 +1254,10 @@ extern int unpack_object_header(struct packed_git *, struct pack_window **, off_ * * Any callback that is NULL will be ignored. Callbacks returning non-zero * will end the iteration. + * + * In the "buf" variant, "path" is a strbuf which will also be used as a + * scratch buffer, but restored to its original contents before + * the function returns. */ typedef int each_loose_object_fn(const unsigned char *sha1, const char *path, @@ -1269,6 +1273,11 @@ int for_each_loose_file_in_objdir(const char *path, each_loose_cruft_fn cruft_cb, each_loose_subdir_fn subdir_cb, void *data); +int for_each_loose_file_in_objdir_buf(struct strbuf *path, + each_loose_object_fn obj_cb, + each_loose_cruft_fn cruft_cb, + each_loose_subdir_fn subdir_cb, + void *data); /* * Iterate over loose and packed objects in both the local @@ -1498,7 +1507,7 @@ extern const char *pager_program; extern int pager_in_use(void); extern int pager_use_color; extern int term_columns(void); -extern int decimal_width(int); +extern int decimal_width(uintmax_t); extern int check_pager_config(const char *cmd); extern const char *editor_program; @@ -73,8 +73,12 @@ static int config_buf_fgetc(struct config_source *conf) static int config_buf_ungetc(int c, struct config_source *conf) { - if (conf->u.buf.pos > 0) - return conf->u.buf.buf[--conf->u.buf.pos]; + if (conf->u.buf.pos > 0) { + conf->u.buf.pos--; + if (conf->u.buf.buf[conf->u.buf.pos] != c) + die("BUG: config_buf can only ungetc the same character"); + return c; + } return EOF; } @@ -235,7 +239,8 @@ static int get_next_char(void) /* DOS like systems */ c = cf->do_fgetc(cf); if (c != '\n') { - cf->do_ungetc(c, cf); + if (c != EOF) + cf->do_ungetc(c, cf); c = '\r'; } } @@ -157,8 +157,7 @@ struct ref **get_remote_heads(int in, char *src_buf, size_t src_len, server_capabilities = xstrdup(name + name_len + 1); } - if (extra_have && - name_len == 5 && !memcmp(".have", name, 5)) { + if (extra_have && !strcmp(name, ".have")) { sha1_array_append(extra_have, old_sha1); continue; } @@ -670,10 +669,20 @@ struct child_process *git_connect(int fd[2], const char *url, printf("Diag: path=%s\n", path ? path : "NULL"); conn = NULL; } else if (protocol == PROTO_GIT) { + /* + * Set up virtual host information based on where we will + * connect, unless the user has overridden us in + * the environment. + */ + char *target_host = getenv("GIT_OVERRIDE_VIRTUAL_HOST"); + if (target_host) + target_host = xstrdup(target_host); + else + target_host = xstrdup(hostandport); + /* These underlying connection commands die() if they * cannot connect. */ - char *target_host = xstrdup(hostandport); if (git_use_proxy(hostandport)) conn = git_proxy_connect(fd, hostandport); else diff --git a/contrib/credential/wincred/git-credential-wincred.c b/contrib/credential/wincred/git-credential-wincred.c index a1d38f035..006134043 100644 --- a/contrib/credential/wincred/git-credential-wincred.c +++ b/contrib/credential/wincred/git-credential-wincred.c @@ -111,14 +111,23 @@ static void write_item(const char *what, LPCWSTR wbuf, int wlen) * Match an (optional) expected string and a delimiter in the target string, * consuming the matched text by updating the target pointer. */ -static int match_part(LPCWSTR *ptarget, LPCWSTR want, LPCWSTR delim) + +static LPCWSTR wcsstr_last(LPCWSTR str, LPCWSTR find) +{ + LPCWSTR res = NULL, pos; + for (pos = wcsstr(str, find); pos; pos = wcsstr(pos + 1, find)) + res = pos; + return res; +} + +static int match_part_with_last(LPCWSTR *ptarget, LPCWSTR want, LPCWSTR delim, int last) { LPCWSTR delim_pos, start = *ptarget; int len; /* find start of delimiter (or end-of-string if delim is empty) */ if (*delim) - delim_pos = wcsstr(start, delim); + delim_pos = last ? wcsstr_last(start, delim) : wcsstr(start, delim); else delim_pos = start + wcslen(start); @@ -138,6 +147,16 @@ static int match_part(LPCWSTR *ptarget, LPCWSTR want, LPCWSTR delim) return !want || (!wcsncmp(want, start, len) && !want[len]); } +static int match_part(LPCWSTR *ptarget, LPCWSTR want, LPCWSTR delim) +{ + return match_part_with_last(ptarget, want, delim, 0); +} + +static int match_part_last(LPCWSTR *ptarget, LPCWSTR want, LPCWSTR delim) +{ + return match_part_with_last(ptarget, want, delim, 1); +} + static int match_cred(const CREDENTIALW *cred) { LPCWSTR target = cred->TargetName; @@ -146,7 +165,7 @@ static int match_cred(const CREDENTIALW *cred) return match_part(&target, L"git", L":") && match_part(&target, protocol, L"://") && - match_part(&target, wusername, L"@") && + match_part_last(&target, wusername, L"@") && match_part(&target, host, L"/") && match_part(&target, path, L""); } @@ -61,6 +61,22 @@ static char *canon_hostname; static char *ip_address; static char *tcp_port; +static int hostname_lookup_done; + +static void lookup_hostname(void); + +static const char *get_canon_hostname(void) +{ + lookup_hostname(); + return canon_hostname; +} + +static const char *get_ip_address(void) +{ + lookup_hostname(); + return ip_address; +} + static void logreport(int priority, const char *err, va_list params) { if (log_syslog) { @@ -106,6 +122,46 @@ static void NORETURN daemon_die(const char *err, va_list params) exit(1); } +static void strbuf_addstr_or_null(struct strbuf *sb, const char *s) +{ + if (s) + strbuf_addstr(sb, s); +} + +struct expand_path_context { + const char *directory; +}; + +static size_t expand_path(struct strbuf *sb, const char *placeholder, void *ctx) +{ + struct expand_path_context *context = ctx; + + switch (placeholder[0]) { + case 'H': + strbuf_addstr_or_null(sb, hostname); + return 1; + case 'C': + if (placeholder[1] == 'H') { + strbuf_addstr_or_null(sb, get_canon_hostname()); + return 2; + } + break; + case 'I': + if (placeholder[1] == 'P') { + strbuf_addstr_or_null(sb, get_ip_address()); + return 2; + } + break; + case 'P': + strbuf_addstr_or_null(sb, tcp_port); + return 1; + case 'D': + strbuf_addstr(sb, context->directory); + return 1; + } + return 0; +} + static const char *path_ok(const char *directory) { static char rpath[PATH_MAX]; @@ -144,14 +200,10 @@ static const char *path_ok(const char *directory) } else if (interpolated_path && saw_extended_args) { struct strbuf expanded_path = STRBUF_INIT; - struct strbuf_expand_dict_entry dict[6]; - - dict[0].placeholder = "H"; dict[0].value = hostname; - dict[1].placeholder = "CH"; dict[1].value = canon_hostname; - dict[2].placeholder = "IP"; dict[2].value = ip_address; - dict[3].placeholder = "P"; dict[3].value = tcp_port; - dict[4].placeholder = "D"; dict[4].value = directory; - dict[5].placeholder = NULL; dict[5].value = NULL; + struct expand_path_context context; + + context.directory = directory; + if (*dir != '/') { /* Allow only absolute */ logerror("'%s': Non-absolute path denied (interpolated-path active)", dir); @@ -159,7 +211,7 @@ static const char *path_ok(const char *directory) } strbuf_expand(&expanded_path, interpolated_path, - strbuf_expand_dict_cb, &dict); + expand_path, &context); strlcpy(interp_path, expanded_path.buf, PATH_MAX); strbuf_release(&expanded_path); loginfo("Interpolated dir '%s'", interp_path); @@ -254,8 +306,8 @@ static int run_access_hook(struct daemon_service *service, const char *dir, cons *arg++ = service->name; *arg++ = path; *arg++ = STRARG(hostname); - *arg++ = STRARG(canon_hostname); - *arg++ = STRARG(ip_address); + *arg++ = STRARG(get_canon_hostname()); + *arg++ = STRARG(get_ip_address()); *arg++ = STRARG(tcp_port); *arg = NULL; #undef STRARG @@ -485,6 +537,45 @@ static void parse_host_and_port(char *hostport, char **host, } /* + * Sanitize a string from the client so that it's OK to be inserted into a + * filesystem path. Specifically, we disallow slashes, runs of "..", and + * trailing and leading dots, which means that the client cannot escape + * our base path via ".." traversal. + */ +static void sanitize_client_strbuf(struct strbuf *out, const char *in) +{ + for (; *in; in++) { + if (*in == '/') + continue; + if (*in == '.' && (!out->len || out->buf[out->len - 1] == '.')) + continue; + strbuf_addch(out, *in); + } + + while (out->len && out->buf[out->len - 1] == '.') + strbuf_setlen(out, out->len - 1); +} + +static char *sanitize_client(const char *in) +{ + struct strbuf out = STRBUF_INIT; + sanitize_client_strbuf(&out, in); + return strbuf_detach(&out, NULL); +} + +/* + * Like sanitize_client, but we also perform any canonicalization + * to make life easier on the admin. + */ +static char *canonicalize_client(const char *in) +{ + struct strbuf out = STRBUF_INIT; + sanitize_client_strbuf(&out, in); + strbuf_tolower(&out); + return strbuf_detach(&out, NULL); +} + +/* * Read the host as supplied by the client connection. */ static void parse_host_arg(char *extra_args, int buflen) @@ -505,10 +596,11 @@ static void parse_host_arg(char *extra_args, int buflen) parse_host_and_port(val, &host, &port); if (port) { free(tcp_port); - tcp_port = xstrdup(port); + tcp_port = sanitize_client(port); } free(hostname); - hostname = xstrdup_tolower(host); + hostname = canonicalize_client(host); + hostname_lookup_done = 0; } /* On to the next one */ @@ -517,11 +609,14 @@ static void parse_host_arg(char *extra_args, int buflen) if (extra_args < end && *extra_args) die("Invalid request"); } +} - /* - * Locate canonical hostname and its IP address. - */ - if (hostname) { +/* + * Locate canonical hostname and its IP address. + */ +static void lookup_hostname(void) +{ + if (!hostname_lookup_done && hostname) { #ifndef NO_IPV6 struct addrinfo hints; struct addrinfo *ai; @@ -541,8 +636,9 @@ static void parse_host_arg(char *extra_args, int buflen) ip_address = xstrdup(addrbuf); free(canon_hostname); - canon_hostname = xstrdup(ai->ai_canonname ? - ai->ai_canonname : ip_address); + canon_hostname = ai->ai_canonname ? + sanitize_client(ai->ai_canonname) : + xstrdup(ip_address); freeaddrinfo(ai); } @@ -564,11 +660,12 @@ static void parse_host_arg(char *extra_args, int buflen) addrbuf, sizeof(addrbuf)); free(canon_hostname); - canon_hostname = xstrdup(hent->h_name); + canon_hostname = sanitize_client(hent->h_name); free(ip_address); ip_address = xstrdup(addrbuf); } #endif + hostname_lookup_done = 1; } } @@ -4541,7 +4541,7 @@ void diff_flush(struct diff_options *options) show_stats(&diffstat, options); if (output_format & DIFF_FORMAT_SHORTSTAT) show_shortstats(&diffstat, options); - if (output_format & DIFF_FORMAT_DIRSTAT) + if (output_format & DIFF_FORMAT_DIRSTAT && dirstat_by_line) show_dirstat_by_line(&diffstat, options); free_diffstat_info(&diffstat); separator++; diff --git a/ewah/ewok.h b/ewah/ewok.h index f6ad190a0..13c6e2041 100644 --- a/ewah/ewok.h +++ b/ewah/ewok.h @@ -47,7 +47,8 @@ static inline uint32_t ewah_bit_popcount64(uint64_t x) return (x * 0x0101010101010101ULL) >> 56; } -#ifdef __GNUC__ +/* __builtin_ctzll was not available until 3.4.0 */ +#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR > 3)) #define ewah_bit_ctz64(x) __builtin_ctzll(x) #else static inline int ewah_bit_ctz64(uint64_t x) diff --git a/fast-import.c b/fast-import.c index d0bd285a1..aac2c24f7 100644 --- a/fast-import.c +++ b/fast-import.c @@ -947,9 +947,12 @@ static void unkeep_all_packs(void) static void end_packfile(void) { - if (!pack_data) + static int running; + + if (running || !pack_data) return; + running = 1; clear_delta_base_cache(); if (object_count) { struct packed_git *new_p; @@ -999,6 +1002,7 @@ static void end_packfile(void) } free(pack_data); pack_data = NULL; + running = 0; /* We can't carry a delta across packfiles. */ strbuf_release(&last_blob.data); diff --git a/git-compat-util.h b/git-compat-util.h index 553fc0176..8b72e2a8d 100644 --- a/git-compat-util.h +++ b/git-compat-util.h @@ -164,16 +164,10 @@ typedef long intptr_t; typedef unsigned long uintptr_t; #endif -#if defined(__CYGWIN__) -#undef _XOPEN_SOURCE -#include <grp.h> -#define _XOPEN_SOURCE 600 -#else #undef _ALL_SOURCE /* AIX 5.3L defines a struct list with _ALL_SOURCE. */ #include <grp.h> #define _ALL_SOURCE 1 #endif -#endif /* used on Mac OS X */ #ifdef PRECOMPOSE_UNICODE @@ -212,12 +206,15 @@ extern char *gitbasename(char *); #endif #ifndef NO_OPENSSL +#ifdef __APPLE__ #define __AVAILABILITY_MACROS_USES_AVAILABILITY 0 -#define MAC_OS_X_VERSION_MIN_REQUIRED MAC_OS_X_VERSION_10_6 +#include <AvailabilityMacros.h> +#undef DEPRECATED_ATTRIBUTE +#define DEPRECATED_ATTRIBUTE +#undef __AVAILABILITY_MACROS_USES_AVAILABILITY +#endif #include <openssl/ssl.h> #include <openssl/err.h> -#undef MAC_OS_X_VERSION_MIN_REQUIRED -#undef __AVAILABILITY_MACROS_USES_AVAILABILITY #ifdef NO_HMAC_CTX_CLEANUP #define HMAC_CTX_cleanup HMAC_cleanup #endif diff --git a/git-rebase--interactive.sh b/git-rebase--interactive.sh index c6a4629cb..c96b9847e 100644 --- a/git-rebase--interactive.sh +++ b/git-rebase--interactive.sh @@ -961,14 +961,13 @@ else revisions=$onto...$orig_head shortrevisions=$shorthead fi -git rev-list $merges_option --pretty=oneline --abbrev-commit \ - --abbrev=7 --reverse --left-right --topo-order \ +git rev-list $merges_option --pretty=oneline --reverse --left-right --topo-order \ $revisions ${restrict_revision+^$restrict_revision} | \ sed -n "s/^>//p" | -while read -r shortsha1 rest +while read -r sha1 rest do - if test -z "$keep_empty" && is_empty_commit $shortsha1 && ! is_merge_commit $shortsha1 + if test -z "$keep_empty" && is_empty_commit $sha1 && ! is_merge_commit $sha1 then comment_out="$comment_char " else @@ -977,9 +976,8 @@ do if test t != "$preserve_merges" then - printf '%s\n' "${comment_out}pick $shortsha1 $rest" >>"$todo" + printf '%s\n' "${comment_out}pick $sha1 $rest" >>"$todo" else - sha1=$(git rev-parse $shortsha1) if test -z "$rebase_root" then preserve=t @@ -996,7 +994,7 @@ do if test f = "$preserve" then touch "$rewritten"/$sha1 - printf '%s\n' "${comment_out}pick $shortsha1 $rest" >>"$todo" + printf '%s\n' "${comment_out}pick $sha1 $rest" >>"$todo" fi fi done @@ -1020,8 +1018,8 @@ then # just the history of its first-parent for others that will # be rebasing on top of it git rev-list --parents -1 $rev | cut -d' ' -s -f2 > "$dropped"/$rev - short=$(git rev-list -1 --abbrev-commit --abbrev=7 $rev) - sane_grep -v "^[a-z][a-z]* $short" <"$todo" > "${todo}2" ; mv "${todo}2" "$todo" + sha1=$(git rev-list -1 $rev) + sane_grep -v "^[a-z][a-z]* $sha1" <"$todo" > "${todo}2" ; mv "${todo}2" "$todo" rm "$rewritten"/$rev fi done @@ -1054,6 +1052,7 @@ has_action "$todo" || return 2 cp "$todo" "$todo".backup +collapse_todo_ids git_sequence_editor "$todo" || die_abort "Could not execute editor" diff --git a/git-remote-testgit.sh b/git-remote-testgit.sh index a9c75a236..752c763eb 100755 --- a/git-remote-testgit.sh +++ b/git-remote-testgit.sh @@ -1,7 +1,13 @@ #!/bin/sh # Copyright (c) 2012 Felipe Contreras -alias=$1 +# The first argument can be a url when the fetch/push command was a url +# instead of a configured remote. In this case, use a generic alias. +if test "$1" = "testgit::$2"; then + alias=_ +else + alias=$1 +fi url=$2 dir="$GIT_DIR/testgit/$alias" diff --git a/git-send-email.perl b/git-send-email.perl index 3092ab356..a18a7959e 100755 --- a/git-send-email.perl +++ b/git-send-email.perl @@ -299,6 +299,7 @@ my $rc = GetOptions("h" => \$help, "bcc=s" => \@bcclist, "no-bcc" => \$no_bcc, "chain-reply-to!" => \$chain_reply_to, + "no-chain-reply-to" => sub {$chain_reply_to = 0}, "smtp-server=s" => \$smtp_server, "smtp-server-option=s" => \@smtp_server_options, "smtp-server-port=s" => \$smtp_server_port, @@ -311,25 +312,34 @@ my $rc = GetOptions("h" => \$help, "smtp-domain:s" => \$smtp_domain, "identity=s" => \$identity, "annotate!" => \$annotate, + "no-annotate" => sub {$annotate = 0}, "compose" => \$compose, "quiet" => \$quiet, "cc-cmd=s" => \$cc_cmd, "suppress-from!" => \$suppress_from, + "no-suppress-from" => sub {$suppress_from = 0}, "suppress-cc=s" => \@suppress_cc, "signed-off-cc|signed-off-by-cc!" => \$signed_off_by_cc, + "no-signed-off-cc|no-signed-off-by-cc" => sub {$signed_off_by_cc = 0}, "cc-cover|cc-cover!" => \$cover_cc, + "no-cc-cover" => sub {$cover_cc = 0}, "to-cover|to-cover!" => \$cover_to, + "no-to-cover" => sub {$cover_to = 0}, "confirm=s" => \$confirm, "dry-run" => \$dry_run, "envelope-sender=s" => \$envelope_sender, "thread!" => \$thread, + "no-thread" => sub {$thread = 0}, "validate!" => \$validate, + "no-validate" => sub {$validate = 0}, "transfer-encoding=s" => \$target_xfer_encoding, "format-patch!" => \$format_patch, + "no-format-patch" => sub {$format_patch = 0}, "8bit-encoding=s" => \$auto_8bit_encoding, "compose-encoding=s" => \$compose_encoding, "force" => \$force, "xmailer!" => \$use_xmailer, + "no-xmailer" => sub {$use_xmailer = 0}, ); usage() if $help; diff --git a/git-submodule.sh b/git-submodule.sh index 9245abfd4..36797c3c0 100755 --- a/git-submodule.sh +++ b/git-submodule.sh @@ -423,7 +423,7 @@ cmd_add() sed -e ' s|//*|/|g s|^\(\./\)*|| - s|/\./|/|g + s|/\(\./\)*|/|g :start s|\([^/]*\)/\.\./|| tstart @@ -59,7 +59,7 @@ int get_sha1_hex(const char *hex, unsigned char *sha1) char *sha1_to_hex(const unsigned char *sha1) { static int bufno; - static char hexbuffer[4][50]; + static char hexbuffer[4][41]; static const char hex[] = "0123456789abcdef"; char *buffer = hexbuffer[3 & ++bufno], *buf = buffer; int i; @@ -133,12 +133,12 @@ int term_columns(void) /* * How many columns do we need to show this number in decimal? */ -int decimal_width(int number) +int decimal_width(uintmax_t number) { - int i, width; + int width; - for (width = 1, i = 10; i <= number; width++) - i *= 10; + for (width = 1; number >= 10; width++) + number /= 10; return width; } diff --git a/perl/Git.pm b/perl/Git.pm index b5905ee1a..9026a7bb9 100644 --- a/perl/Git.pm +++ b/perl/Git.pm @@ -695,7 +695,7 @@ Retrieve the integer configuration C<VARIABLE>. The return value is simple decimal number. An optional value suffix of 'k', 'm', or 'g' in the config file will cause the value to be multiplied by 1024, 1048576 (1024^2), or 1073741824 (1024^3) prior to output. -It would return C<undef> if configuration variable is not defined, +It would return C<undef> if configuration variable is not defined. =cut @@ -704,7 +704,7 @@ sub config_int { } # Common subroutine to implement bulk of what the config* family of methods -# do. This curently wraps command('config') so it is not so fast. +# do. This currently wraps command('config') so it is not so fast. sub _config_common { my ($opts) = shift @_; my ($self, $var) = _maybe_self(@_); diff --git a/perl/Git/SVN.pm b/perl/Git/SVN.pm index 8e4af7153..f24372645 100644 --- a/perl/Git/SVN.pm +++ b/perl/Git/SVN.pm @@ -14,6 +14,7 @@ use IPC::Open3; use Memoize; # core since 5.8.0, Jul 2002 use Memoize::Storable; use POSIX qw(:signal_h); +use Time::Local; use Git qw( command @@ -1332,7 +1333,7 @@ sub parse_svn_date { $ENV{TZ} = 'UTC'; my $epoch_in_UTC = - POSIX::strftime('%s', $S, $M, $H, $d, $m - 1, $Y - 1900); + Time::Local::timelocal($S, $M, $H, $d, $m - 1, $Y - 1900); # Determine our local timezone (including DST) at the # time of $epoch_in_UTC. $Git::SVN::Log::TZ stored the diff --git a/perl/Git/SVN/Fetcher.pm b/perl/Git/SVN/Fetcher.pm index 10edb2773..613055a3f 100644 --- a/perl/Git/SVN/Fetcher.pm +++ b/perl/Git/SVN/Fetcher.pm @@ -322,6 +322,14 @@ sub apply_textdelta { # (but $base does not,) so dup() it for reading in close_file open my $dup, '<&', $fh or croak $!; my $base = $::_repository->temp_acquire("git_blob_${$}_$suffix"); + # close_file may call temp_acquire on 'svn_hash', but because of the + # call chain, if the temp_acquire call from close_file ends up being the + # call that first creates the 'svn_hash' temp file, then the FileHandle + # that's created as a result will end up in an SVN::Pool that we clear + # in SVN::Ra::gs_fetch_loop_common. Avoid that by making sure the + # 'svn_hash' FileHandle is already created before close_file is called. + my $tmp_fh = $::_repository->temp_acquire('svn_hash'); + $::_repository->temp_release($tmp_fh, 1); if ($fb->{blob}) { my ($base_is_link, $size); diff --git a/perl/Git/SVN/Ra.pm b/perl/Git/SVN/Ra.pm index 622535e21..32e2f19ea 100644 --- a/perl/Git/SVN/Ra.pm +++ b/perl/Git/SVN/Ra.pm @@ -391,6 +391,9 @@ sub longest_common_path { sub gs_fetch_loop_common { my ($self, $base, $head, $gsv, $globs) = @_; return if ($base > $head); + # Make sure the cat_blob open2 FileHandle is created before calling + # SVN::Pool::new_default so that it does not incorrectly end up in the pool. + $::_repository->_open_cat_blob_if_needed; my $gpool = SVN::Pool->new_default; my $ra_url = $self->url; my $reload_ra = sub { @@ -567,7 +567,7 @@ static char *replace_encoding_header(char *buf, const char *encoding) char *cp = buf; /* guess if there is an encoding header before a \n\n */ - while (strncmp(cp, "encoding ", strlen("encoding "))) { + while (!starts_with(cp, "encoding ")) { cp = strchr(cp, '\n'); if (!cp || *++cp == '\n') return buf; diff --git a/read-cache.c b/read-cache.c index 9cff715d6..8d71860f6 100644 --- a/read-cache.c +++ b/read-cache.c @@ -725,7 +725,7 @@ struct cache_entry *make_cache_entry(unsigned int mode, unsigned int refresh_options) { int size, len; - struct cache_entry *ce; + struct cache_entry *ce, *ret; if (!verify_path(path)) { error("Invalid path '%s'", path); @@ -742,7 +742,13 @@ struct cache_entry *make_cache_entry(unsigned int mode, ce->ce_namelen = len; ce->ce_mode = create_ce_mode(mode); - return refresh_cache_entry(ce, refresh_options); + ret = refresh_cache_entry(ce, refresh_options); + if (!ret) { + free(ce); + return NULL; + } else { + return ret; + } } int ce_same_name(const struct cache_entry *a, const struct cache_entry *b) diff --git a/sha1_file.c b/sha1_file.c index 30995e61b..69a60ec88 100644 --- a/sha1_file.c +++ b/sha1_file.c @@ -3359,31 +3359,42 @@ static int for_each_file_in_obj_subdir(int subdir_nr, return r; } -int for_each_loose_file_in_objdir(const char *path, +int for_each_loose_file_in_objdir_buf(struct strbuf *path, each_loose_object_fn obj_cb, each_loose_cruft_fn cruft_cb, each_loose_subdir_fn subdir_cb, void *data) { - struct strbuf buf = STRBUF_INIT; - size_t baselen; + size_t baselen = path->len; int r = 0; int i; - strbuf_addstr(&buf, path); - strbuf_addch(&buf, '/'); - baselen = buf.len; - for (i = 0; i < 256; i++) { - strbuf_addf(&buf, "%02x", i); - r = for_each_file_in_obj_subdir(i, &buf, obj_cb, cruft_cb, + strbuf_addf(path, "/%02x", i); + r = for_each_file_in_obj_subdir(i, path, obj_cb, cruft_cb, subdir_cb, data); - strbuf_setlen(&buf, baselen); + strbuf_setlen(path, baselen); if (r) break; } + return r; +} + +int for_each_loose_file_in_objdir(const char *path, + each_loose_object_fn obj_cb, + each_loose_cruft_fn cruft_cb, + each_loose_subdir_fn subdir_cb, + void *data) +{ + struct strbuf buf = STRBUF_INIT; + int r; + + strbuf_addstr(&buf, path); + r = for_each_loose_file_in_objdir_buf(&buf, obj_cb, cruft_cb, + subdir_cb, data); strbuf_release(&buf); + return r; } @@ -3396,9 +3407,16 @@ static int loose_from_alt_odb(struct alternate_object_database *alt, void *vdata) { struct loose_alt_odb_data *data = vdata; - return for_each_loose_file_in_objdir(alt->base, - data->cb, NULL, NULL, - data->data); + struct strbuf buf = STRBUF_INIT; + int r; + + /* copy base not including trailing '/' */ + strbuf_add(&buf, alt->base, alt->name - alt->base - 1); + r = for_each_loose_file_in_objdir_buf(&buf, + data->cb, NULL, NULL, + data->data); + strbuf_release(&buf); + return r; } int for_each_loose_object(each_loose_object_fn cb, void *data) diff --git a/sha1_name.c b/sha1_name.c index cf2a83b14..95f9f8fa1 100644 --- a/sha1_name.c +++ b/sha1_name.c @@ -1391,9 +1391,7 @@ static int get_sha1_with_context_1(const char *name, namelen = strlen(cp); } - strncpy(oc->path, cp, - sizeof(oc->path)); - oc->path[sizeof(oc->path)-1] = '\0'; + strlcpy(oc->path, cp, sizeof(oc->path)); if (!active_cache) read_cache(); @@ -1443,9 +1441,7 @@ static int get_sha1_with_context_1(const char *name, name, len); } hashcpy(oc->tree, tree_sha1); - strncpy(oc->path, filename, - sizeof(oc->path)); - oc->path[sizeof(oc->path)-1] = '\0'; + strlcpy(oc->path, filename, sizeof(oc->path)); free(new_filename); return ret; diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh index d88da29f7..db2ef22e8 100755 --- a/t/lib-gpg.sh +++ b/t/lib-gpg.sh @@ -23,6 +23,8 @@ else # To write armored exported key to keyring: # gpg --homedir /tmp/gpghome --export-secret-keys \ # --armor 0xDEADBEEF >> lib-gpg/keyring.gpg + # gpg --homedir /tmp/gpghome --export \ + # --armor 0xDEADBEEF >> lib-gpg/keyring.gpg # To export ownertrust: # gpg --homedir /tmp/gpghome --export-ownertrust \ # > lib-gpg/ownertrust @@ -34,6 +36,8 @@ else "$TEST_DIRECTORY"/lib-gpg/keyring.gpg && gpg --homedir "${GNUPGHOME}" 2>/dev/null --import-ownertrust \ "$TEST_DIRECTORY"/lib-gpg/ownertrust && + gpg --homedir "${GNUPGHOME}" </dev/null >/dev/null 2>&1 \ + --sign -u committer@example.com && test_set_prereq GPG ;; esac diff --git a/t/lib-gpg/keyring.gpg b/t/lib-gpg/keyring.gpg index fb1f048c2..d4754a1f1 100644 --- a/t/lib-gpg/keyring.gpg +++ b/t/lib-gpg/keyring.gpg @@ -86,3 +86,57 @@ Z9Ei+zj6JD5Pcdi3BJhQo9WOLOVEJ0NHmewTYqk9QVXH/0v1Hdl4LMJtgcbdbDWk BOW78WUxzhu0YJTLKy+iKCjg5HS5dx6OC+e4aEEgfhNPCMkbvDsJjtQ= =hieJ -----END PGP PRIVATE KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1 + +mQGiBEZnyykRBACzCPjIpTYNL7Y2tQqlEGTTDlvZcWNLjF5f7ZzuyOqNOidLUgFD +36qch1LZLSZkShdR3Gae+bsolyjxrlFuFP0eXRPMtqK20aLw7WZvPFpEV1ThMne+ +PRJjYrvghWw3L0VVIAIZ8GXwrVBuU99uEjHEI0ojYloOvFc2jVPgSaoBvwCg48Tj +fol2foSoJa7XUu9yAL8szg8D/RUsTzNF+I9hSRHl7MYKFMYoKEY9BDgrgAujp7YY +8qdGsiUb0Ggyzp2kRjZFt4lpcvKhGfHn5GEjmtk+fRbD5qPfMqKFW+T0NPfYlYmL +JJ4fs4qZ8Lx7x6iG6X51u+YNwsQuIGjMCC3CeNi3F7or651kkNYASbaQ1NROkCIN +NudyA/0aasvoZUoNJAc2cP5Ifs6WhXMWLfMR2p2XbfKwKNYneec60usnSComcKqh +sJVk0Gytvr3FOYVhRkXnKAbx+0W2urFP8OFVBTEKO6Ts2VygWGgneQYoHnqzwlUE +yjOjlr+lyf7u2s/KAxpKA6jnttEdRZAmzWkhuox1wwAUkr27/bQiQyBPIE1pdHRl +ciA8Y29tbWl0dGVyQGV4YW1wbGUuY29tPoheBBMRAgAeBQJGZ8spAhsDBgsJCAcD +AgMVAgMDFgIBAh4BAheAAAoJEBO29R7N3kMNdB0AoL3Z/7A6tORuY8R/676oD8a/ +oHFDAJ9DXbwlcKLcykwHy0jYqajXm1iCebkCDQRGZ8tOEAgAzrl5P1Pr6CDR8mf5 +DGGzcUUM+PEroA4FLdKJ5ZaZc7qy1lmmW9vuvb6xdinwcwee2c5fdNE+iUjHV2x2 +S/dbfDzJTN/0uajZcw+xnf+KxZ0Rs4gDSs7cHXHBtA7u8ShYd4Hu7JggXpiwgfSk +yrGQiZyLAHW2ck8H07Go8eUP8fLIeva+iPqeYQZo9BaPz92R/J6debpeY1lRkv+y +WTq1GE3C/hxbdBAuHf2duLP2uq9kwoVdfzCRjgV1CQmMIbCrMb7vIlzIe96bb3+K +r/+NEtmB2I3wHBXcwJMnIOnz9Zv933KNlxSbVF23BGLB+F9D7OanKymbs7Eg18fr +mt/t/wAEDQgAtGIxGz944Pn2OtheY9JlBRuIAuVskm24/Zz03dZnk6CuEOIBb5IM +g36GAPKcn1vsLZ0TfE1q53jNpcAAXjgngnRsCjZm1mglqPD4ZfBpl+Hhnuc80fAR +xsUPj+5c8KP2M+Rws4moaZRjVpd3KCi3ceflT/OjwnE9DzdhslCGTMA5n8cajAs2 +oqAaQssefVf2prLQLGV9NB4Q3lFnKXdvipHMaAYAsW+iF7JkhTDVNuNGlufeSqUm +igRBjTZXBcVd8sj8vDOCWKUfqxJyS+zRYcotn7QvpvcKAkc3ZGxntDHAIGLVp6ay ++vrkV4Ren8BjFobl25Ruy6Abw+CgnTpuwYhJBBgRAgAJBQJGZ8tOAhsMAAoJEBO2 +9R7N3kMNwewAoNBygC0NYkW6lVGqV4EJ7PHhDaSEAJwKz78u0Twtv2EL7Zy+ve4f +mnzYApkBDQRRTJZHAQgAyYv8ZwBfMiN+Dx4pUgmzO1bThTte6BTJKbuHIDdkKT7j +OTFY8nL68ykoLmRbzwgy83gBSVtbj8S+Eh2h0pIrAqxYYox+ziVnDjzT0hQsLvop +wKALLx5uJ7OqXw2ckY1Ux0mOK3TCEqihUaM2l7vLx3gUcyIRZ7mwQnqSmVtO6Cj5 +65xC1U1VElFSPunpfCRZiSFscSzS4X0UUjxdL+DA1zxf/4glomQyPidaS70OVf3+ +2LX7AxldKD2Ouie9gRSRueeXigbbZzWPdNS5iN6HJ+T+YlZ1w2qjBJcOxSqZwDV7 +nIGNx+JC8jZCN7NydAhm1yO29zAVrY3LboVr9athuQARAQABtCRFcmlzIERpc2Nv +cmRpYSA8ZGlzY29yZEBleGFtcGxlLm5ldD6JATgEEwECACIFAlFMlkcCGwMGCwkI +BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEGEJLoW3InGJWKMH+wfn/hQ3C1X8PF8x +pSpLtRejyNchgrewDDtvyZJjuC5YB7iIBaanuW/14ypdCLEXG1S4raoiKJHPLvux +/MmFOuww5Yqu7dYKgcvqk4Uh3IJ+ljCk2qgqjhNo8x8qrpSAM0LCUPnOUkaHxGQC +k+EGtg8vp7Klg6SBO/GiXdFZ5JPVOh9lbgAb1HjfyDIL8T6+duaPqwQ+y1OCdwrT +s31frDuvt93WvgZvVIZEeLQuB/59XQzdSWLsQUG4MU6v4fJinuP+/2L8vuVrGHfe +mUSxNmRVnll7SpMJmG0ONht0mVF2mfEfDrW08lK42xSoqTuML18Ico7tZfXMQLK3 +GusW0gi5AQ0EUUyWRwEIAKk7TxXE16jPlKO2zqKPnXB4vFw3//F0hJmXzCnP1OaU +kwZO4dYEirhs4xdp98EJugPPtdNb0y2kOj6BQxVvLkAdNJo8phq0Q2BYM/G44Z2n +pGZwOF04a9UTo334DIbN7k6Qnm3VfpS/CtKCUx3N/Uzy04NtwxXEUgzftwESSUu/ +gkQSG7fS+YDm6YAOB1Gqf6OjeztOK0Dj1PNzAKp8KNiUzvw3ndM6GndFaN9TZpOB +firxBOdn7Rh23e8qiFBigbdknkwIfOdGnC3jWT/ldWO2rQQq+/85viaR1qvTh+/z +aJpRCJMS/Fg7fBnwCqKmYKnny/gAhJy2wLdXbt39BbMAEQEAAYkBHwQYAQIACQUC +UUyWRwIbDAAKCRBhCS6FtyJxiexxCADF5DH+HDlppwLr73EptyqS4IblopPXcn59 +bGPyBuWraCivsqZlf05QZTGahUM7jyCUE/FS25sbS5Q4SRtOC2yOnPGsSGcTjmSi +8uZ000stes7ahHku3onxyz2YNVBRchBCENV1tAjQwHrliofdBEY8peAoOz51kmfR +Ivs4+iQ+T3HYtwSYUKPVjizlRCdDR5nsE2KpPUFVx/9L9R3ZeCzCbYHG3Ww1pOFE +5F24PaZ97pgoJDSd1bPH1pyFjvSM3a9v8KxWNib1E+2L5fsLDSFmrbzhMxsu5wTl +u/FlMc4btGCUyysvoigo4OR0uXcejgvnuGhBIH4TTwjJG7w7CY7U +=iYv/ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/t/lib-httpd.sh b/t/lib-httpd.sh index fd53b5718..d154d1ed1 100644 --- a/t/lib-httpd.sh +++ b/t/lib-httpd.sh @@ -37,7 +37,7 @@ then test_done fi -if ! test_have_prereq SANITY; then +if ! test_have_prereq NOT_ROOT; then test_skip_or_die $GIT_TEST_HTTPD \ "Cannot run httpd tests as root" fi diff --git a/t/t0061-run-command.sh b/t/t0061-run-command.sh index 17e969df6..9acf62872 100755 --- a/t/t0061-run-command.sh +++ b/t/t0061-run-command.sh @@ -34,7 +34,7 @@ test_expect_success POSIXPERM 'run_command reports EACCES' ' grep "fatal: cannot exec.*hello.sh" err ' -test_expect_success POSIXPERM 'unreadable directory in PATH' ' +test_expect_success POSIXPERM,SANITY 'unreadable directory in PATH' ' mkdir local-command && test_when_finished "chmod u+rwx local-command && rm -fr local-command" && git config alias.nitfol "!echo frotz" && diff --git a/t/t1307-config-blob.sh b/t/t1307-config-blob.sh index fdc257e66..3c6791e6b 100755 --- a/t/t1307-config-blob.sh +++ b/t/t1307-config-blob.sh @@ -67,4 +67,13 @@ test_expect_success 'parse errors in blobs are properly attributed' ' grep "HEAD:config" err ' +test_expect_success 'can parse blob ending with CR' ' + printf "[some]key = value\\r" >config && + git add config && + git commit -m CR && + echo value >expect && + git config --blob=HEAD:config some.key >actual && + test_cmp expect actual +' + test_done diff --git a/t/t1509-root-worktree.sh b/t/t1509-root-worktree.sh index 335420fd8..b6977d4b3 100755 --- a/t/t1509-root-worktree.sh +++ b/t/t1509-root-worktree.sh @@ -98,8 +98,16 @@ test_foobar_foobar() { ' } -if ! test_have_prereq POSIXPERM || ! [ -w / ]; then - skip_all="Dangerous test skipped. Read this test if you want to execute it" +if ! test -w / +then + skip_all="Test requiring writable / skipped. Read this test if you want to run it" + test_done +fi + +if test -e /refs || test -e /objects || test -e /info || test -e /hooks || + test -e /.git || test -e /foo || test -e /me +then + skip_all="Skip test that clobbers existing files in /" test_done fi @@ -108,8 +116,9 @@ if [ "$IKNOWWHATIAMDOING" != "YES" ]; then test_done fi -if [ "$UID" = 0 ]; then - skip_all="No you can't run this with root" +if ! test_have_prereq NOT_ROOT +then + skip_all="No you can't run this as root" test_done fi diff --git a/t/t3404-rebase-interactive.sh b/t/t3404-rebase-interactive.sh index 8197ed29a..a31f7e043 100755 --- a/t/t3404-rebase-interactive.sh +++ b/t/t3404-rebase-interactive.sh @@ -1039,4 +1039,11 @@ test_expect_success 'short SHA-1 collide' ' ) ' +test_expect_success 'respect core.abbrev' ' + git config core.abbrev 12 && + set_cat_todo_editor && + test_must_fail git rebase -i HEAD~4 >todo-list && + test 4 = $(grep -c "pick [0-9a-f]\{12,\}" todo-list) +' + test_done diff --git a/t/t4047-diff-dirstat.sh b/t/t4047-diff-dirstat.sh index ed7e09336..0d50dce97 100755 --- a/t/t4047-diff-dirstat.sh +++ b/t/t4047-diff-dirstat.sh @@ -973,4 +973,18 @@ test_expect_success 'diff.dirstat=future_param,0,lines should warn, but still wo test_i18ngrep -q "diff\\.dirstat" actual_error ' +test_expect_success '--shortstat --dirstat should output only one dirstat' ' + git diff --shortstat --dirstat=changes HEAD^..HEAD >out && + grep " dst/copy/changed/$" out >actual_diff_shortstat_dirstat_changes && + test_line_count = 1 actual_diff_shortstat_dirstat_changes && + + git diff --shortstat --dirstat=lines HEAD^..HEAD >out && + grep " dst/copy/changed/$" out >actual_diff_shortstat_dirstat_lines && + test_line_count = 1 actual_diff_shortstat_dirstat_lines && + + git diff --shortstat --dirstat=files HEAD^..HEAD >out && + grep " dst/copy/changed/$" out >actual_diff_shortstat_dirstat_files && + test_line_count = 1 actual_diff_shortstat_dirstat_files +' + test_done diff --git a/t/t4122-apply-symlink-inside.sh b/t/t4122-apply-symlink-inside.sh index 70b3a06e1..1779c0a56 100755 --- a/t/t4122-apply-symlink-inside.sh +++ b/t/t4122-apply-symlink-inside.sh @@ -52,4 +52,110 @@ test_expect_success 'check result' ' ' +test_expect_success SYMLINKS 'do not read from beyond symbolic link' ' + git reset --hard && + mkdir -p arch/x86_64/dir && + >arch/x86_64/dir/file && + git add arch/x86_64/dir/file && + echo line >arch/x86_64/dir/file && + git diff >patch && + git reset --hard && + + mkdir arch/i386/dir && + >arch/i386/dir/file && + ln -s ../i386/dir arch/x86_64/dir && + + test_must_fail git apply patch && + test_must_fail git apply --cached patch && + test_must_fail git apply --index patch + +' + +test_expect_success SYMLINKS 'do not follow symbolic link (setup)' ' + + rm -rf arch/i386/dir arch/x86_64/dir && + git reset --hard && + ln -s ../i386/dir arch/x86_64/dir && + git add arch/x86_64/dir && + git diff HEAD >add_symlink.patch && + git reset --hard && + + mkdir arch/x86_64/dir && + >arch/x86_64/dir/file && + git add arch/x86_64/dir/file && + git diff HEAD >add_file.patch && + git diff -R HEAD >del_file.patch && + git reset --hard && + rm -fr arch/x86_64/dir && + + cat add_symlink.patch add_file.patch >patch && + cat add_symlink.patch del_file.patch >tricky_del && + + mkdir arch/i386/dir +' + +test_expect_success SYMLINKS 'do not follow symbolic link (same input)' ' + + # same input creates a confusing symbolic link + test_must_fail git apply patch 2>error-wt && + test_i18ngrep "beyond a symbolic link" error-wt && + test_path_is_missing arch/x86_64/dir && + test_path_is_missing arch/i386/dir/file && + + test_must_fail git apply --index patch 2>error-ix && + test_i18ngrep "beyond a symbolic link" error-ix && + test_path_is_missing arch/x86_64/dir && + test_path_is_missing arch/i386/dir/file && + test_must_fail git ls-files --error-unmatch arch/x86_64/dir && + test_must_fail git ls-files --error-unmatch arch/i386/dir && + + test_must_fail git apply --cached patch 2>error-ct && + test_i18ngrep "beyond a symbolic link" error-ct && + test_must_fail git ls-files --error-unmatch arch/x86_64/dir && + test_must_fail git ls-files --error-unmatch arch/i386/dir && + + >arch/i386/dir/file && + git add arch/i386/dir/file && + + test_must_fail git apply tricky_del && + test_path_is_file arch/i386/dir/file && + + test_must_fail git apply --index tricky_del && + test_path_is_file arch/i386/dir/file && + test_must_fail git ls-files --error-unmatch arch/x86_64/dir && + git ls-files --error-unmatch arch/i386/dir && + + test_must_fail git apply --cached tricky_del && + test_must_fail git ls-files --error-unmatch arch/x86_64/dir && + git ls-files --error-unmatch arch/i386/dir +' + +test_expect_success SYMLINKS 'do not follow symbolic link (existing)' ' + + # existing symbolic link + git reset --hard && + ln -s ../i386/dir arch/x86_64/dir && + git add arch/x86_64/dir && + + test_must_fail git apply add_file.patch 2>error-wt-add && + test_i18ngrep "beyond a symbolic link" error-wt-add && + test_path_is_missing arch/i386/dir/file && + + mkdir arch/i386/dir && + >arch/i386/dir/file && + test_must_fail git apply del_file.patch 2>error-wt-del && + test_i18ngrep "beyond a symbolic link" error-wt-del && + test_path_is_file arch/i386/dir/file && + rm arch/i386/dir/file && + + test_must_fail git apply --index add_file.patch 2>error-ix-add && + test_i18ngrep "beyond a symbolic link" error-ix-add && + test_path_is_missing arch/i386/dir/file && + test_must_fail git ls-files --error-unmatch arch/i386/dir && + + test_must_fail git apply --cached add_file.patch 2>error-ct-file && + test_i18ngrep "beyond a symbolic link" error-ct-file && + test_must_fail git ls-files --error-unmatch arch/i386/dir +' + test_done diff --git a/t/t4139-apply-escape.sh b/t/t4139-apply-escape.sh new file mode 100755 index 000000000..45b5660a4 --- /dev/null +++ b/t/t4139-apply-escape.sh @@ -0,0 +1,141 @@ +#!/bin/sh + +test_description='paths written by git-apply cannot escape the working tree' +. ./test-lib.sh + +# tests will try to write to ../foo, and we do not +# want them to escape the trash directory when they +# fail +test_expect_success 'bump git repo one level down' ' + mkdir inside && + mv .git inside/ && + cd inside +' + +# $1 = name of file +# $2 = current path to file (if different) +mkpatch_add () { + rm -f "${2:-$1}" && + cat <<-EOF + diff --git a/$1 b/$1 + new file mode 100644 + index 0000000..53c74cd + --- /dev/null + +++ b/$1 + @@ -0,0 +1 @@ + +evil + EOF +} + +mkpatch_del () { + echo evil >"${2:-$1}" && + cat <<-EOF + diff --git a/$1 b/$1 + deleted file mode 100644 + index 53c74cd..0000000 + --- a/$1 + +++ /dev/null + @@ -1 +0,0 @@ + -evil + EOF +} + +# $1 = name of file +# $2 = content of symlink +mkpatch_symlink () { + rm -f "$1" && + cat <<-EOF + diff --git a/$1 b/$1 + new file mode 120000 + index 0000000..$(printf "%s" "$2" | git hash-object --stdin) + --- /dev/null + +++ b/$1 + @@ -0,0 +1 @@ + +$2 + \ No newline at end of file + EOF +} + +test_expect_success 'cannot create file containing ..' ' + mkpatch_add ../foo >patch && + test_must_fail git apply patch && + test_path_is_missing ../foo +' + +test_expect_success 'can create file containing .. with --unsafe-paths' ' + mkpatch_add ../foo >patch && + git apply --unsafe-paths patch && + test_path_is_file ../foo +' + +test_expect_success 'cannot create file containing .. (index)' ' + mkpatch_add ../foo >patch && + test_must_fail git apply --index patch && + test_path_is_missing ../foo +' + +test_expect_success 'cannot create file containing .. with --unsafe-paths (index)' ' + mkpatch_add ../foo >patch && + test_must_fail git apply --index --unsafe-paths patch && + test_path_is_missing ../foo +' + +test_expect_success 'cannot delete file containing ..' ' + mkpatch_del ../foo >patch && + test_must_fail git apply patch && + test_path_is_file ../foo +' + +test_expect_success 'can delete file containing .. with --unsafe-paths' ' + mkpatch_del ../foo >patch && + git apply --unsafe-paths patch && + test_path_is_missing ../foo +' + +test_expect_success 'cannot delete file containing .. (index)' ' + mkpatch_del ../foo >patch && + test_must_fail git apply --index patch && + test_path_is_file ../foo +' + +test_expect_success SYMLINKS 'symlink escape via ..' ' + { + mkpatch_symlink tmp .. && + mkpatch_add tmp/foo ../foo + } >patch && + test_must_fail git apply patch && + test_path_is_missing tmp && + test_path_is_missing ../foo +' + +test_expect_success SYMLINKS 'symlink escape via .. (index)' ' + { + mkpatch_symlink tmp .. && + mkpatch_add tmp/foo ../foo + } >patch && + test_must_fail git apply --index patch && + test_path_is_missing tmp && + test_path_is_missing ../foo +' + +test_expect_success SYMLINKS 'symlink escape via absolute path' ' + { + mkpatch_symlink tmp "$(pwd)" && + mkpatch_add tmp/foo ../foo + } >patch && + test_must_fail git apply patch && + test_path_is_missing tmp && + test_path_is_missing ../foo +' + +test_expect_success SYMLINKS 'symlink escape via absolute path (index)' ' + { + mkpatch_symlink tmp "$(pwd)" && + mkpatch_add tmp/foo ../foo + } >patch && + test_must_fail git apply --index patch && + test_path_is_missing tmp && + test_path_is_missing ../foo +' + +test_done diff --git a/t/t5304-prune.sh b/t/t5304-prune.sh index e32e46dee..0794d33da 100755 --- a/t/t5304-prune.sh +++ b/t/t5304-prune.sh @@ -253,4 +253,12 @@ test_expect_success 'prune .git/shallow' ' test_path_is_missing .git/shallow ' +test_expect_success 'prune: handle alternate object database' ' + test_create_repo A && + git -C A commit --allow-empty -m "initial commit" && + git clone --shared A B && + git -C B commit --allow-empty -m "next commit" && + git -C B prune +' + test_done diff --git a/t/t5570-git-daemon.sh b/t/t5570-git-daemon.sh index 6b1637995..b7e283252 100755 --- a/t/t5570-git-daemon.sh +++ b/t/t5570-git-daemon.sh @@ -142,4 +142,31 @@ test_expect_success 'read access denied' "test_remote_error -x 'no such reposito test_expect_success 'not exported' "test_remote_error -n 'repository not exported' fetch repo.git " stop_git_daemon +start_git_daemon --interpolated-path="$GIT_DAEMON_DOCUMENT_ROOT_PATH/%H%D" + +test_expect_success 'access repo via interpolated hostname' ' + repo="$GIT_DAEMON_DOCUMENT_ROOT_PATH/localhost/interp.git" && + git init --bare "$repo" && + git push "$repo" HEAD && + >"$repo"/git-daemon-export-ok && + rm -rf tmp.git && + GIT_OVERRIDE_VIRTUAL_HOST=localhost \ + git clone --bare "$GIT_DAEMON_URL/interp.git" tmp.git && + rm -rf tmp.git && + GIT_OVERRIDE_VIRTUAL_HOST=LOCALHOST \ + git clone --bare "$GIT_DAEMON_URL/interp.git" tmp.git +' + +test_expect_success 'hostname cannot break out of directory' ' + rm -rf tmp.git && + repo="$GIT_DAEMON_DOCUMENT_ROOT_PATH/../escape.git" && + git init --bare "$repo" && + git push "$repo" HEAD && + >"$repo"/git-daemon-export-ok && + test_must_fail \ + env GIT_OVERRIDE_VIRTUAL_HOST=.. \ + git clone --bare "$GIT_DAEMON_URL/escape.git" tmp.git +' + +stop_git_daemon test_done diff --git a/t/t5801-remote-helpers.sh b/t/t5801-remote-helpers.sh index 241940754..c9d3ed14c 100755 --- a/t/t5801-remote-helpers.sh +++ b/t/t5801-remote-helpers.sh @@ -281,4 +281,28 @@ test_expect_success 'push messages' ' ) ' +test_expect_success 'fetch HEAD' ' + (cd server && + git checkout master && + echo more >>file && + git commit -a -m more + ) && + (cd local && + git fetch origin HEAD + ) && + compare_refs server HEAD local FETCH_HEAD +' + +test_expect_success 'fetch url' ' + (cd server && + git checkout master && + echo more >>file && + git commit -a -m more + ) && + (cd local && + git fetch "testgit::${PWD}/../server" + ) && + compare_refs server HEAD local FETCH_HEAD +' + test_done diff --git a/t/t6023-merge-file.sh b/t/t6023-merge-file.sh index 375896176..190ee903c 100755 --- a/t/t6023-merge-file.sh +++ b/t/t6023-merge-file.sh @@ -69,7 +69,8 @@ test_expect_success 'works in subdirectory' ' cp new1.txt dir/a.txt && cp orig.txt dir/o.txt && cp new2.txt dir/b.txt && - ( cd dir && git merge-file a.txt o.txt b.txt ) + ( cd dir && git merge-file a.txt o.txt b.txt ) && + test_path_is_missing a.txt ' cp new1.txt test.txt diff --git a/t/t7400-submodule-basic.sh b/t/t7400-submodule-basic.sh index 7c8824503..5811a982f 100755 --- a/t/t7400-submodule-basic.sh +++ b/t/t7400-submodule-basic.sh @@ -171,6 +171,23 @@ test_expect_success 'submodule add with ./ in path' ' test_cmp empty untracked ' +test_expect_success 'submodule add with /././ in path' ' + echo "refs/heads/master" >expect && + >empty && + + ( + cd addtest && + git submodule add "$submodurl" dotslashdotsubmod/././frotz/./ && + git submodule init + ) && + + rm -f heads head untracked && + inspect addtest/dotslashdotsubmod/frotz ../../.. && + test_cmp expect heads && + test_cmp expect head && + test_cmp empty untracked +' + test_expect_success 'submodule add with // in path' ' echo "refs/heads/master" >expect && >empty && diff --git a/t/t9001-send-email.sh b/t/t9001-send-email.sh index af6a3e890..051305545 100755 --- a/t/t9001-send-email.sh +++ b/t/t9001-send-email.sh @@ -392,7 +392,7 @@ test_expect_success $PREREQ 'allow long lines with --no-validate' ' --from="Example <nobody@example.com>" \ --to=nobody@example.com \ --smtp-server="$(pwd)/fake.sendmail" \ - --novalidate \ + --no-validate \ $patches longline.patch \ 2>errors ' @@ -426,7 +426,7 @@ test_expect_success $PREREQ 'In-Reply-To without --chain-reply-to' ' git send-email \ --from="Example <nobody@example.com>" \ --to=nobody@example.com \ - --nochain-reply-to \ + --no-chain-reply-to \ --in-reply-to="$(cat expect)" \ --smtp-server="$(pwd)/fake.sendmail" \ $patches $patches $patches \ @@ -1067,7 +1067,7 @@ test_expect_success $PREREQ 'in-reply-to but no threading' ' --from="Example <nobody@example.com>" \ --to=nobody@example.com \ --in-reply-to="<in-reply-id@example.com>" \ - --nothread \ + --no-thread \ $patches | grep "In-Reply-To: <in-reply-id@example.com>" ' @@ -1077,7 +1077,7 @@ test_expect_success $PREREQ 'no in-reply-to and no threading' ' --dry-run \ --from="Example <nobody@example.com>" \ --to=nobody@example.com \ - --nothread \ + --no-thread \ $patches $patches >stdout && ! grep "In-Reply-To: " stdout ' @@ -1088,7 +1088,7 @@ test_expect_success $PREREQ 'threading but no chain-reply-to' ' --from="Example <nobody@example.com>" \ --to=nobody@example.com \ --thread \ - --nochain-reply-to \ + --no-chain-reply-to \ $patches $patches >stdout && grep "In-Reply-To: " stdout ' diff --git a/t/test-lib.sh b/t/test-lib.sh index bb1402de9..c09677802 100644 --- a/t/test-lib.sh +++ b/t/test-lib.sh @@ -1031,9 +1031,33 @@ test_lazy_prereq USR_BIN_TIME ' test -x /usr/bin/time ' -# When the tests are run as root, permission tests will report that -# things are writable when they shouldn't be. -test -w / || test_set_prereq SANITY +test_lazy_prereq NOT_ROOT ' + uid=$(id -u) && + test "$uid" != 0 +' + +# On a filesystem that lacks SANITY, a file can be deleted even if +# the containing directory doesn't have write permissions, or a file +# can be accessed even if the containing directory doesn't have read +# or execute permissions, causing our tests that validate that Git +# works sensibly in such situations. +test_lazy_prereq SANITY ' + mkdir SANETESTD.1 SANETESTD.2 && + + chmod +w SANETESTD.1 SANETESTD.2 && + >SANETESTD.1/x 2>SANETESTD.2/x && + chmod -w SANETESTD.1 && + chmod -rx SANETESTD.2 || + error "bug in test sript: cannot prepare SANETESTD" + + ! rm SANETESTD.1/x && ! test -f SANETESTD.2/x + status=$? + + chmod +rwx SANETESTD.1 SANETESTD.2 && + rm -rf SANETESTD.1 SANETESTD.2 || + error "bug in test sript: cannot clean SANETESTD" + return $status +' GIT_UNZIP=${GIT_UNZIP:-unzip} test_lazy_prereq UNZIP ' @@ -1,7 +1,6 @@ #include "cache.h" #include "string-list.h" #include "run-command.h" -#include "string-list.h" #include "commit.h" #include "trailer.h" /* diff --git a/transport-helper.c b/transport-helper.c index 0224687a2..7dc4a443a 100644 --- a/transport-helper.c +++ b/transport-helper.c @@ -5,7 +5,6 @@ #include "commit.h" #include "diff.h" #include "revision.h" -#include "quote.h" #include "remote.h" #include "string-list.h" #include "thread-utils.h" @@ -356,7 +355,8 @@ static int fetch_with_fetch(struct transport *transport, continue; strbuf_addf(&buf, "fetch %s %s\n", - sha1_to_hex(posn->old_sha1), posn->name); + sha1_to_hex(posn->old_sha1), + posn->symref ? posn->symref : posn->name); } strbuf_addch(&buf, '\n'); @@ -454,7 +454,8 @@ static int fetch_with_import(struct transport *transport, if (posn->status & REF_STATUS_UPTODATE) continue; - strbuf_addf(&buf, "import %s\n", posn->name); + strbuf_addf(&buf, "import %s\n", + posn->symref ? posn->symref : posn->name); sendline(data, &buf); strbuf_reset(&buf); } @@ -487,14 +488,15 @@ static int fetch_with_import(struct transport *transport, * fast-forward or this is a forced update. */ for (i = 0; i < nr_heads; i++) { - char *private; + char *private, *name; posn = to_fetch[i]; if (posn->status & REF_STATUS_UPTODATE) continue; + name = posn->symref ? posn->symref : posn->name; if (data->refspecs) - private = apply_refspecs(data->refspecs, data->refspec_nr, posn->name); + private = apply_refspecs(data->refspecs, data->refspec_nr, name); else - private = xstrdup(posn->name); + private = xstrdup(name); if (private) { read_ref(private, posn->old_sha1); free(private); @@ -860,7 +862,7 @@ static int push_refs_with_export(struct transport *transport, die("helper %s does not support dry-run", data->name); } else if (flags & TRANSPORT_PUSH_CERT) { if (set_helper_option(transport, TRANS_OPT_PUSH_CERT, "true") != 0) - die("helper %s does not support dry-run", data->name); + die("helper %s does not support --signed", data->name); } if (flags & TRANSPORT_PUSH_FORCE) { diff --git a/userdiff.c b/userdiff.c index fad52d639..2ccbee50c 100644 --- a/userdiff.c +++ b/userdiff.c @@ -1,6 +1,5 @@ #include "cache.h" #include "userdiff.h" -#include "cache.h" #include "attr.h" static struct userdiff_driver *drivers; |