Mirror of https://git.kernel.org/pub/scm/git/git.git/ https://git.shady.money/git/atom?h=v2.41.2 2023-04-10T16:53:19Z 2023-04-10T16:53:19Z Phillip Wood phillip.wood@dunelm.org.uk 2023-04-10T09:08:30Z urn:sha1:4960e5c7bdd399e791353bc6c551f09298746f61 To store the strategy options rebase prepends " --" to each one and writes them to a file. To load them it reads the file and passes the contents to split_cmdline(). This roughly mimics the behavior of the scripted rebase but has a couple of limitations, (1) options containing whitespace are not properly preserved (this is true of the scripted rebase as well) and (2) options containing '"' or '\' are incorrectly parsed and may cause the parser to return an error. Fix these limitations by quoting each option when they are stored so that they can be parsed correctly. Now that "--preserve-merges" no longer exist this change also stops prepending "--" to the options when they are stored as that was an artifact of the scripted rebase. These changes are backwards compatible so the files written by an older version of git can still be read. They are also forwards compatible, the file can still be parsed by recent versions of git as they treat the "--" prefix as optional. Reviewed-by: Elijah Newren <newren@gmail.com> Signed-off-by: Phillip Wood <phillip.wood@dunelm.org.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2023-02-24T01:25:28Z Elijah Newren newren@gmail.com 2023-02-24T00:09:24Z urn:sha1:36bf19589055fb71aac0ed6719dfe5b385adc2bf This allows us to replace includes of cache.h with includes of the much smaller alloc.h in many places. It does mean that we also need to add includes of alloc.h in a number of C files. Signed-off-by: Elijah Newren <newren@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2022-10-01T04:23:38Z Kevin Backhouse kevinbackhouse@github.com 2022-09-28T22:53:32Z urn:sha1:0ca6ead81edd4fb1984b69aae87c1189e3025530 This function improperly uses an int to represent the number of entries in the resulting argument array. This allows a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting argv array is typically passed to execv(), it may be possible to leverage this attack to gain remote code execution on a victim machine. This was almost certainly the case for certain configurations of git-shell until the previous commit limited the size of input it would accept. Other calls to split_cmdline() are typically limited by the size of argv the OS is willing to hand us, so are similarly protected. So this is not strictly fixing a known vulnerability, but is a hardening of the function that is worth doing to protect against possible unknown vulnerabilities. One approach to fixing this would be modifying the signature of `split_cmdline()` to look something like: int split_cmdline(char *cmdline, const char ***argv, size_t *argc); Where the return value of `split_cmdline()` is negative for errors, and zero otherwise. If non-NULL, the `*argc` pointer is modified to contain the size of the `**argv` array. But this implies an absurdly large `argv` array, which more than likely larger than the system's argument limit. So even if split_cmdline() allowed this, it would fail immediately afterwards when we called execv(). So instead of converting all of `split_cmdline()`'s callers to work with `size_t` types in this patch, instead pursue the minimal fix here to prevent ever returning an array with more than INT_MAX entries in it. Signed-off-by: Kevin Backhouse <kevinbackhouse@github.com> Signed-off-by: Taylor Blau <me@ttaylorr.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Taylor Blau <me@ttaylorr.com> 2018-11-12T05:47:09Z Nguyễn Thái Ngọc Duy pclouds@gmail.com 2018-11-10T05:16:01Z urn:sha1:a7412ae1342b09f16d659d75da5d25f137800a60 This function can be part of translated messages. To make sure we don't have a sentence with mixed languages, mark the strings for translation, but only use translated strings in places we know we will output translated strings. Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2018-05-21T04:23:14Z Nguyễn Thái Ngọc Duy pclouds@gmail.com 2018-05-20T18:40:08Z urn:sha1:3301d36b29467a05107340e4d9688ebf74335021 By providing aliases via --list-cmds=, we could simplify command collection code in the script. We only issue one git command. Before this patch that is "git config", after it's "git --list-cmds=". In "git help" completion case we actually reduce one "git" process (for getting guides) but that call was added in this series so it does not really count. A couple of bash functions are removed because they are not needed anymore. __git_compute_all_commands() and $__git_all_commands stay because they are still needed for completing pager.* config and without "alias" group, the result is still cacheable. There is a slight (good) change in _git_help() with this patch: before "git help <tab>" shows external commands (as in _not_ part of git) as well as part of $__git_all_commands. We have finer control over command listing now and can exclude that because we can't provide a man page for external commands anyway. Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2018-05-21T04:23:14Z Nguyễn Thái Ngọc Duy pclouds@gmail.com 2018-05-20T18:40:06Z urn:sha1:65b5f9483eafea0ccdea59884da4e00e0cfeee1f Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2017-07-20T23:29:59Z Junio C Hamano gitster@pobox.com 2017-07-20T23:29:59Z urn:sha1:099b74b4b267f72dfab916f28a0b17fceb293900 A recent update broke an alias that contained an uppercase letter. * js/alias-case-sensitivity: alias: compare alias name *case-insensitively* t1300: demonstrate that CamelCased aliases regressed 2017-07-17T21:00:12Z Johannes Schindelin johannes.schindelin@gmx.de 2017-07-14T08:39:38Z urn:sha1:643df7e234dda47a4748311361a82df5415b7bc1 It is totally legitimate to add CamelCased aliases, but due to the way config keys are compared, the case does not matter. Therefore, we must compare the alias name insensitively to the config keys. This fixes a regression introduced by a9bcf6586d1 (alias: use the early config machinery to expand aliases, 2017-06-14). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2017-06-24T21:28:41Z Junio C Hamano gitster@pobox.com 2017-06-24T21:28:41Z urn:sha1:50f03c6676ed5ea040dd53272882d3aac2ee1b48 A common pattern to free a piece of memory and assign NULL to the pointer that used to point at it has been replaced with a new FREE_AND_NULL() macro. * ab/free-and-null: *.[ch] refactoring: make use of the FREE_AND_NULL() macro coccinelle: make use of the "expression" FREE_AND_NULL() rule coccinelle: add a rule to make "expression" code use FREE_AND_NULL() coccinelle: make use of the "type" FREE_AND_NULL() rule coccinelle: add a rule to make "type" code use FREE_AND_NULL() git-compat-util: add a FREE_AND_NULL() wrapper around free(ptr); ptr = NULL 2017-06-16T19:44:03Z Ævar Arnfjörð Bjarmason avarab@gmail.com 2017-06-15T23:15:46Z urn:sha1:6a83d902073803c4141e02c53decf8c03e35da27 Apply the result of the just-added coccinelle rule. This manually excludes a few occurrences, mostly things that resulted in many FREE_AND_NULL() on one line, that'll be manually fixed in a subsequent change. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>