Permalink
Commits on Dec 15, 2010
  1. Git 1.6.4.5

    gitster committed Dec 15, 2010
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  2. gitweb: Introduce esc_attr to escape attributes of HTML elements

    jnareb authored and gitster committed Dec 14, 2010
    It is needed only to escape attributes of handcrafted HTML elements,
    and not those generated using CGI.pm subroutines / methods for HTML
    generation.
    
    While at it, add esc_url and esc_html where needed, and prefer to use
    CGI.pm HTML generating methods than handcrafted HTML code.  Most of
    those are probably unnecessary (could be exploited only by person with
    write access to gitweb config, or at least access to the repository).
    
    This fixes CVE-2010-3906
    
    Reported-by: Emanuele Gentili <e.gentili@tigersecurity.it>
    Helped-by: John 'Warthog9' Hawley <warthog9@kernel.org>
    Helped-by: Jonathan Nieder <jrnieder@gmail.com>
    Signed-off-by: Jakub Narebski <jnareb@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Jul 25, 2010
  1. Check size of path buffer before writing into it

    Greg Brockman authored and gitster committed Jul 20, 2010
    This prevents a buffer overrun that could otherwise be triggered by
    creating a file called '.git' with contents
    
      gitdir: (something really long)
    
    Signed-off-by: Greg Brockman <gdb@mit.edu>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Jul 7, 2010
  1. rev-parse: fix --parse-opt --keep-dashdash --stop-at-non-option

    ukleinek authored and gitster committed Jul 6, 2010
    The ?: operator has a lower priority than |, so the implicit associativity
    made the 6th argument of parse_options be PARSE_OPT_KEEP_DASHDASH if
    keep_dashdash was true discarding PARSE_OPT_STOP_AT_NON_OPTION and
    PARSE_OPT_SHELL_EVAL.
    
    Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Jan 19, 2010
  1. Merge branch 'maint-1.6.3' into maint-1.6.4

    gitster committed Jan 19, 2010
    * maint-1.6.3:
      base85: Make the code more obvious instead of explaining the non-obvious
      base85: encode_85() does not use the decode table
      base85 debug code: Fix length byte calculation
      checkout -m: do not try to fall back to --merge from an unborn branch
      branch: die explicitly why when calling "git branch [-a|-r] branchname".
      textconv: stop leaking file descriptors
      commit: --cleanup is a message option
      git count-objects: handle packs bigger than 4G
      t7102: make the test fail if one of its check fails
    
    Conflicts:
    	builtin-commit.c
  2. Merge branch 'maint-1.6.2' into maint-1.6.3

    gitster committed Jan 19, 2010
    * maint-1.6.2:
      base85: Make the code more obvious instead of explaining the non-obvious
      base85: encode_85() does not use the decode table
      base85 debug code: Fix length byte calculation
      checkout -m: do not try to fall back to --merge from an unborn branch
      branch: die explicitly why when calling "git branch [-a|-r] branchname".
      textconv: stop leaking file descriptors
      commit: --cleanup is a message option
      git count-objects: handle packs bigger than 4G
      t7102: make the test fail if one of its check fails
    
    Conflicts:
    	diff.c
  3. Merge commit 'v1.6.4.4-8-g8de6518' into maint-1.6.4

    gitster committed Jan 19, 2010
    * commit 'v1.6.4.4-8-g8de6518':
      Fix mis-backport of t7002
  4. Fix mis-backport of t7002

    gitster committed Jan 19, 2010
    The original patch that became cfe370c (grep: do not segfault when -f is
    used, 2009-10-16), was made against "maint" or newer branch back then, but
    the fix addressed the issue that was present as far as in 1.6.4 series.
    
    The maintainer backported the patch to the 1.6.4 maintenance branch, but
    failed to notice that the new tests assumed the setup done by the script
    in "maint", which did quite a lot more than the same test script in 1.6.4
    series, and the output didn't match the expected result.
    
    This should fix it.
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Jan 10, 2010
  1. Merge branch 'maint-1.6.1' into maint-1.6.2

    gitster committed Jan 10, 2010
    * maint-1.6.1:
      base85: Make the code more obvious instead of explaining the non-obvious
      base85: encode_85() does not use the decode table
      base85 debug code: Fix length byte calculation
      checkout -m: do not try to fall back to --merge from an unborn branch
      branch: die explicitly why when calling "git branch [-a|-r] branchname".
      textconv: stop leaking file descriptors
      commit: --cleanup is a message option
      git count-objects: handle packs bigger than 4G
      t7102: make the test fail if one of its check fails
    
    Conflicts:
    	diff.c
  2. Merge branch 'maint-1.6.0' into maint-1.6.1

    gitster committed Jan 10, 2010
    * maint-1.6.0:
      base85: Make the code more obvious instead of explaining the non-obvious
      base85: encode_85() does not use the decode table
      base85 debug code: Fix length byte calculation
      checkout -m: do not try to fall back to --merge from an unborn branch
      branch: die explicitly why when calling "git branch [-a|-r] branchname".
  3. base85: Make the code more obvious instead of explaining the non-obvious

    Andreas Gruenbacher authored and gitster committed Jan 8, 2010
    Here is another cleanup ...
    
    Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  4. base85: encode_85() does not use the decode table

    Andreas Gruenbacher authored and gitster committed Jan 8, 2010
    Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  5. base85 debug code: Fix length byte calculation

    Andreas Gruenbacher authored and gitster committed Jan 8, 2010
    Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Jan 7, 2010
  1. checkout -m: do not try to fall back to --merge from an unborn branch

    gitster committed Jan 7, 2010
    If switching from an unborn branch (= empty tree) to a valid commit failed
    without -m, it would fail with -m option as well.
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Dec 31, 2009
  1. branch: die explicitly why when calling "git branch [-a|-r] branchname".

    moy authored and gitster committed Dec 30, 2009
    The -a and -r options used to be silently ignored in such a command.
    
    Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Dec 30, 2009
  1. textconv: stop leaking file descriptors

    peff authored and gitster committed Dec 30, 2009
    We read the output from textconv helpers over a pipe, but we
    never actually closed our end of the pipe after using it.
    
    Signed-off-by: Jeff King <peff@peff.net>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  2. Merge branch 'maint-1.6.0' into maint-1.6.1

    gitster committed Dec 30, 2009
    * maint-1.6.0:
      commit: --cleanup is a message option
      t7102: make the test fail if one of its check fails
  3. commit: --cleanup is a message option

    Greg Price authored and gitster committed Dec 29, 2009
    In the usage message for "git commit", the --cleanup option appeared
    at the end, as one of the "contents options":
    
    usage: git commit [options] [--] <filepattern>...
    ...
    Commit message options
    ...
    Commit contents options
    ...
        --allow-empty         ok to record an empty change
        --cleanup <default>   how to strip spaces and #comments from message
    
    This is confusing, in part because it makes it ambiguous whether
    --allow-empty, just above, refers to an empty diff or an empty message.
    
    Move --cleanup into the 'message options' group.  Also add a pair of
    comments to prevent similar oversights in the future.
    
    Signed-off-by: Greg Price <price@ksplice.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  4. git count-objects: handle packs bigger than 4G

    andreas-schwab authored and gitster committed Dec 29, 2009
    Use off_t to count sizes of packs and objects to avoid overflow after
    4Gb.
    
    Signed-off-by: Andreas Schwab <schwab@linux-m68k.org>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  5. t7102: make the test fail if one of its check fails

    pclouds authored and gitster committed Dec 29, 2009
    Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Oct 28, 2009
  1. rebase -i: more graceful handling of invalid commands

    jast authored and gitster committed Oct 27, 2009
    Currently, when there is an invalid command, the rest of the line is
    still treated as if the command had been valid, i.e. rebase -i attempts
    to produce a patch, using the next argument as a SHA1 name. If there is
    no next argument or an invalid one, very confusing error messages
    appear (the line was '.'; path to git-rebase-todo substituted):
    
    Unknown command: .
    fatal: ambiguous argument 'Please fix this in the file $somefile.':
    unknown revision or path not in the working tree.
    Use '--' to separate paths from revisions
    fatal: Not a valid object name Please fix this in the file $somefile.
    fatal: bad revision 'Please fix this in the file $somefile.'
    
    Instead, verify the validity of the remaining line and error out earlier
    if necessary.
    
    Signed-off-by: Jan Krüger <jk@jk.gs>
    Acked-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  2. help -i: properly error out if no info viewer can be found

    Gerrit Pape authored and gitster committed Oct 27, 2009
    With this commit, git help -i <cmd> prints an error message and exits
    non-zero instead of being silent and exit code 0.
    
    Reported by Trent W. Buck through
     http://bugs.debian.org/537664
    
    Signed-off-by: Gerrit Pape <pape@smarden.org>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Oct 25, 2009
  1. Merge branch 'jk/maint-1.6.3-ls-files-no-ignore-cached' into maint-1.6.4

    gitster committed Oct 25, 2009
    * jk/maint-1.6.3-ls-files-no-ignore-cached:
      ls-files: excludes should not impact tracked files
  2. Merge branch 'jn/maint-1.6.3-check-ref-format-doc' into maint-1.6.4

    gitster committed Oct 25, 2009
    * jn/maint-1.6.3-check-ref-format-doc:
      Documentation: describe check-ref-format --branch
Commits on Oct 17, 2009
  1. grep: do not segfault when -f is used

    kraai authored and gitster committed Oct 16, 2009
    "git grep" would segfault if its -f option was used because it would
    try to use an uninitialized strbuf, so initialize the strbuf.
    
    Thanks to Johannes Sixt <j.sixt@viscovery.net> for the help with the
    test cases.
    
    Signed-off-by: Matt Kraai <kraai@ftbfs.org>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Oct 12, 2009
  1. Documentation: describe check-ref-format --branch

    jrn authored and gitster committed Oct 12, 2009
    Unless one already knew, it was not obvious what sort of shorthand
    "git check-ref-format --branch" expands.  Explain it.
    
    The --branch argument is not optional.
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  2. git-stash documentation: mention default options for 'list'

    Miklos Vajna authored and gitster committed Oct 12, 2009
    Signed-off-by: Miklos Vajna <vmiklos@frugalware.org>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  3. ls-files: excludes should not impact tracked files

    peff authored and gitster committed Oct 12, 2009
    In all parts of git, .gitignore and other exclude files
    impact only how we treat untracked files; they should have
    no effect on files listed in the index.
    
    This behavior was originally implemented very early on in
    9ff768e, but only for --exclude-from. Later, commit 63d285c
    accidentally caused us to trigger the behavior for
    --exclude-per-directory.
    
    This patch totally ignores excludes for files found in the
    index. This means we are reversing the original intent of
    9ff768e, while at the same time fixing the accidental
    behavior of 63d285c. This is a good thing, though, as the
    way that 9ff768e behaved does not really make sense with the
    way exclusions are used in modern git.
    
    Signed-off-by: Jeff King <peff@peff.net>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Oct 9, 2009
  1. ls-files: die instead of fprintf/exit in -i error

    Ben Walton authored and gitster committed Oct 9, 2009
    When ls-files was called with -i but no exclude pattern, it was
    calling fprintf(stderr, "...", NULL) and then exiting.  On Solaris,
    passing NULL into fprintf was causing a segfault.  On glibc systems,
    it was simply producing incorrect output (eg: "(null)": ...).  The
    NULL pointer was a result of argv[0] not being preserved by the option
    parser.  Instead of requesting that the option parser preserve
    argv[0], use die() with a constant string.
    
    A trigger for this bug was: `git ls-files -i`
    
    Signed-off-by: Ben Walton <bwalton@artsci.utoronto.ca>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Oct 7, 2009
  1. fast-import.c::validate_raw_date(): really validate the value

    gitster committed Sep 29, 2009
    When reading the "raw format" timestamp from the input stream, make sure
    that the timezone offset is a reasonable value by imitating 7122f82
    (date.c: improve guess between timezone offset and year., 2006-06-08).
    
    We _might_ want to also check if the timestamp itself is reasonable, but
    that is left for a separate commit.
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Oct 4, 2009
  1. Merge branch 'jc/maint-1.6.4-show-branch-default' into maint

    gitster committed Oct 4, 2009
    * jc/maint-1.6.4-show-branch-default:
      show-branch: fix segfault when showbranch.default exists
  2. show-branch: fix segfault when showbranch.default exists

    gitster committed Jun 9, 2009
    When running "git show-branch" without any parameter in a repository that
    has showbranch.default defined, we used to rely on the fact that our
    handcrafted option parsing loop never looked at av[0].
    
    The array of default strings had the first real command line argument in
    default_arg[0], but the option parser wanted to look at the array starting
    at av[1], so we assigned the address of -1th element to av to force the
    loop start working from default_arg[0].
    
    This no longer worked since 5734365 (show-branch: migrate to parse-options
    API, 2009-05-21), as parse_options_start() saved the incoming &av[0] in
    its ctx->out and later in parse_options_end() it did memmove to ctx->out
    (with ctx->cpidx == 0), overwriting the memory before default_arg[] array.
    
    I am not sure if this is a bug in parse_options(), or a bug in the caller,
    and tonight I do not have enough concentration to figure out which.  In
    any case, this patch works the issue around.
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Sep 20, 2009
  1. push: Correctly initialize nonfastforward in transport_push.

    moy authored and gitster committed Sep 20, 2009
    The variable is assigned unconditionally in print_push_status, but
    print_push_status is not reached by all codepaths. In particular, this
    fixes a bug where "git push ... nonexisting-branch" was complaining about
    non-fast forward.
    
    Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
Commits on Sep 16, 2009
  1. GIT 1.6.4.4

    gitster committed Sep 16, 2009
    Signed-off-by: Junio C Hamano <gitster@pobox.com>
  2. Merge branch 'jc/maint-unpack-objects-strict' into maint

    gitster committed Sep 16, 2009
    * jc/maint-unpack-objects-strict:
      Fix "unpack-objects --strict"
    
    Conflicts:
    	builtin-unpack-objects.c