| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
| |
The git protocol provides no transport security. https does provide
transport security and should be preferred by default. https is also
more likely than git to be permitted by firewalls in restricted
environments.
Signed-off-by: Daniel M. Weeks <dan@danweeks.net>
|
|
|
|
|
|
|
|
| |
We currently ignore symlinks in ui-plain, leading to a 404. In ui-tree
we print the content of the blob (that is, the path to the target of the
link), so it makes sense to do the same here.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
| |
After the previous two patches, this can be classified as a tidy up
rather than a bug fix, but I think it makes sense to group all of the
tests together before setting up the environment for the command to
execute.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By specifying the "url" query parameter multiple times it is possible to
end up with ctx.qry.vpath set while ctx.repo is null, which triggers an
invalid code path from cgit_print_pageheader() while printing path
crumbs, resulting in a null dereference.
The previous patch fixed this segfault, but it makes no sense for us to
clear ctx.repo while leaving ctx.qry.path set to the previous value, so
let's just clear it here so that the last "url" parameter given takes
full effect rather than partially overriding the effect of the previous
value.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo
is non-null. Currently we don't have any commands that set want_vpath
without also setting want_repo so it shouldn't be possible to fail this
test, but the check in cgit.c is in the wrong order so it is possible to
specify a query string like "?p=log&path=foo/bar" to end up here without
a valid repository.
This was found by American fuzzy lop [0].
[0] http://lcamtuf.coredump.cx/afl/
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
| |
If the delimiter here is '&' then it needs to be escaped for inclusion
in an attribute. Use html_attrf() to ensure that this happens (we know
that hex won't need escaping, but this makes it clearer what's
happening.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Numerous changes were made to git functions to use an object_id
structure rather than sending sha1 hashes as raw unsigned character
arrays. The functions that affect cgit are: parse_object,
lookup_commit_reference, lookup_tag, lookup_tree, parse_tree_indirect,
diff_root_tree_sha1, diff_tree_sha1, and format_display_notes.
Commit b2141fc (config: don't include config.h by default) made it
necessary to that config.h be explicitly included when needed.
Commit 07a3d41 (grep: remove regflags from the public grep_opt API)
removed one way of specifying the ignore-case grep option.
Signed-off-by: Jeff Smith <whydoubt@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Update to git version v2.13.4: With commit 8aee769f (pathspec: copy and free
owned memory) the definition of struct pathspec_item has changed with the
expectation that pathspecs will be managed dynamically. We work around this
a bit by setting up a static structure, but let's allocate the match string
to avoid needing to cast away const.
Updated a patch from John Keeping <john@keeping.me.uk> for git v2.12.1.
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When empty repos exist, comparing them against an existing repo with a
good mtime might, with particular qsort implementations, not sort
correctly, because of this brokenness:
if (get_repo_modtime(r1, &t) && get_repo_modtime(r2, &t))
However, sorting by the age column works as expected, so anyway, to tidy
things up, we simply reuse that function.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
|
| |
The array passed to setup_revisions() must be NULL-terminated. Fixes a
regression introduced in 455b598 (ui-patch.c: Use log_tree_commit() to
generate diffs, 2013-08-20).
Reported-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
|
| |
|
|
|
|
|
| |
Update to git version v2.11.0. Function write_archive()
dropped argument (int setup_prefix).
|
|
|
|
|
|
| |
Debian GNU/Hurd uses the GNU C library.
Signed-off-by: Peter Colberg <peter@colberg.org>
|
|
|
|
|
|
|
| |
The submodule was accidentally downgraded in commit 8e9ddd21 (Bump
version, 2016-11-23). Restore v2.10.2 so it matches the makefile again.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
| |
|
|
|
|
|
|
| |
This is stolen from kernel.org css [0].
[0] https://git.kernel.org/cgit-korg-0.10.1.css
|
|
|
|
| |
Update to git version v2.10.2, no changes required.
|
|
|
|
|
|
|
| |
We have to use a pointer for walk_tree_ctx->matched_oid.
This fixes faulty commit 6e4b7b6776eb994e795fa38b2619db6c55e10ecc
(ui-blob: replace 'unsigned char sha1[20]' with 'struct object_id oid').
|
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was originally applied added in commit eac1b67 (ui-patch: Apply
path limit to generated patch, 2010-06-10) but the ability to limit
patches to particular paths was lost in commit 455b598 (ui-patch.c: Use
log_tree_commit() to generate diffs, 2013-08-20).
The new output is slightly different from the original because Git's
diff infrastructure doesn't give us a way to insert an annotation
immediately after the "---" separator, so the commit has moved below the
diff stat.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
| |
|
|
|
|
| |
Update to git version v2.10.1, no changes required.
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
| |
Data structures have been replaced already, so use correct function calls.
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
In addition replace memmove() with hashcpy().
|
|
|
|
|
|
| |
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of reimplementing URL parameter parsing from scratch, use
url_decode_parameter_name() and url_decode_parameter_value() which are
already provided by Git.
Also, change the return type of http_parse_querystring() to void since
its only caller already ignores the return value.
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
|
|
|
|
|
|
|
|
|
| |
As libgit.a moves away from using fixed size buffers, there is no
guarantee that PATH_MAX is sufficient for all of the paths in a Git
tree, so we should use a dynamically sized buffer here.
Coverity-Id: 141884
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
| |
Free the taginfo when we're done with it. Also reduce the scope of a
couple of variables so that it's clear that this is the only path that
uses the taginfo structure.
Coverity-Id: 141883
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
| |
We will use this function from ui-tag.c in the next patch.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
| |
This return value is never used and the function always returns NULL.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
| |
If we have only a single element in a directory (for example in Java
package paths), display multiple directories in one go so that it is
possible to navigate directly to the first directory that contains
either files or multiple directories.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
| |
git.git's coding style avoids decl-after-statement and we generally try
to follow it but a few warnings have crept in recently. Fix the one in
ui-ssdiff.c
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
| |
git.git's coding style avoids decl-after-statement and we generally try
to follow it but a few warnings have crept in recently. Fix the ones in
ui-shared.c
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we can end up passing EOF to isspace(), which is in fact
libgit's sane_isspace which does:
((sane_ctype[(unsigned char)(x)] & (GIT_SPACE)) != 0)
It is very unlikely that EOF cast to "unsigned char" will end up in a
character that has the GIT_SPACE bit set, but the standard only requires
that EOF be a negative integer, so it could access any value in the
sane_ctype array.
If it does end up returning true for isspace() then this loop will never
terminate, so handle EOF as a special value in the same way as the other
loops in this function.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
|
|
|
|
| |
Upstream continues to replace unsigned char *sha1 with struct
object_id old_oid. This makes the required changes.
The git lib has its own main function now. Rename our main function
to cmd_main, it is called from main then.
|
|
|
|
|
|
| |
This is run soon before exiting so it wasn't leaked for long.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
|
|
|
|
|
|
| |
Update to git version v2.9.1, no changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
|