Matt McCutchen [Sun, 8 Feb 2009 00:00:09 +0000 (19:00 -0500)]
gitweb: add $prevent_xss option to prevent XSS by repository content
Add a gitweb configuration variable $prevent_xss that disables features
to prevent content in repositories from launching cross-site scripting
(XSS) attacks in the gitweb domain. Currently, this option makes gitweb
ignore README.html (a better solution may be worked out in the future)
and serve a blob_plain file of an untrusted type with
"Content-Disposition: attachment", which tells the browser not to show
the file at its original URL.
The XSS prevention is currently off by default.
Signed-off-by: Matt McCutchen <matt@mattmccutchen.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
rev-list: fix showing distance when using --bisect-all
Before d467a52 ("Make '--decorate' set an explicit 'show_decorations'
flag", Nov 3 2008), commit decorations were shown whenever they exist, and
distances stored in them by "git rev-list --bisect-all" were automatically
shown. d467a52 changed the rule so that commit decorations are not shown
unless rev_info explicitly asks to, with its show_decorations bit, but
forgot that the ones "git rev-list --bisect-all" adds need to be shown.
This patch fixes this old breakage.
Signed-off-by: Christian Couder <chriscool@tuxfamily.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
David J. Mellor [Thu, 5 Feb 2009 04:14:29 +0000 (20:14 -0800)]
Fixed broken git help -w when installing from RPM
After the git-core package was renamed to git, git help -w was still looking
for files in /usr/share/doc/git-core-$VERSION instead of
/usr/share/doc/git-$VERSION.
Signed-off-by: David J. Mellor <dmellor@whistlingcat.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Wed, 4 Feb 2009 19:49:07 +0000 (11:49 -0800)]
Merge branch 'maint-1.6.0' into maint
* maint-1.6.0:
builtin-mv.c: check for unversionned files before looking at the destination.
Add a testcase for "git mv -f" on untracked files.
Missing && in t/t7001.sh.
Matthieu Moy [Wed, 4 Feb 2009 09:32:08 +0000 (10:32 +0100)]
builtin-mv.c: check for unversionned files before looking at the destination.
The previous code was failing in the case where one moves an
unversionned file to an existing destination, with mv -f: the
"existing destination" was checked first, and the error was cancelled
by the force flag.
We now check the unrecoverable error first, which fixes the bug.
Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Wed, 4 Feb 2009 07:50:09 +0000 (23:50 -0800)]
Merge branch 'maint-1.6.0' into maint
* maint-1.6.0:
User-manual: "git stash <comment>" form is long gone
add test-dump-cache-tree in Makefile
fix typo in Documentation
apply: fix access to an uninitialized mode variable, found by valgrind
Guanqun Lu [Wed, 4 Feb 2009 21:00:41 +0000 (05:00 +0800)]
add test-dump-cache-tree in Makefile
5c5ba73 (Makefile: Use generic rule to build test programs,
2007-05-31) tried to use generic rule to build test programs, but it
misses the file 'dump-cache-tree.c', since its name is not prefixed by
'test-'. This commit solves this little problem by renaming this file
instead of carrying out an explicit rule in Makefile.
Signed-off-by: Guanqun Lu <guanqun.lu@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
apply: fix access to an uninitialized mode variable, found by valgrind
When 'tpatch' was initialized successfully, st_mode was already taken
from the previous diff. We should not try to override it with data
from an lstat() that was never called.
This is a companion patch to 7a07841(git-apply: handle a patch that
touches the same path more than once better).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
René Scharfe [Sat, 31 Jan 2009 14:39:10 +0000 (15:39 +0100)]
merge: fix out-of-bounds memory access
The parameter n of unpack_callback() can have a value of up to
MAX_UNPACK_TREES. The check at the top of unpack_trees() (its only
(indirect) caller) makes sure it cannot exceed this limit.
unpack_callback() passes it and the array src to unpack_nondirectories(),
which has this loop:
for (i = 0; i < n; i++) {
/* ... */
src[i + o->merge] = o->df_conflict_entry;
o->merge can be 0 or 1, so unpack_nondirectories() potentially accesses
the array src at index MAX_UNPACK_TREES. This patch makes it big enough.
Reported-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: René Scharfe <rene.scharfe@lsrfire.ath.cx> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King [Thu, 29 Jan 2009 05:56:34 +0000 (00:56 -0500)]
avoid 31-bit truncation in write_loose_object
The size of the content we are adding may be larger than
2.1G (i.e., "git add gigantic-file"). Most of the code-path
to do so uses size_t or unsigned long to record the size,
but write_loose_object uses a signed int.
On platforms where "int" is 32-bits (which includes x86_64
Linux platforms), we end up passing malloc a negative size.
Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Wed, 28 Jan 2009 04:21:31 +0000 (20:21 -0800)]
send-pack: do not send unknown object name from ".have" to pack-objects
v1.6.1 introduced ".have" extension to the protocol to allow the receiving
side to advertise objects that are reachable from refs in the repositories
it borrows from. This was meant to be used by the sending side to avoid
sending such objects; they are already available through the alternates
mechanism.
The client side implementation in v1.6.1, which was introduced with 40c155f (push: prepare sender to receive extended ref information from the
receiver, 2008-09-09) aka v1.6.1-rc1~203^2~1, were faulty in that it did
not consider the possiblity that the repository receiver borrows from
might have objects it does not know about.
This fixes it by refraining from passing missing commits to underlying
pack-objects. Revision machinery may need to be tightened further to
treat missing uninteresting objects as non-error events, but this is an
obvious and safe fix for a maintenance release that is almost good enough.
Junio C Hamano [Mon, 26 Jan 2009 08:08:24 +0000 (00:08 -0800)]
diff.c: output correct index lines for a split diff
A patch that changes the filetype (e.g. regular file to symlink) of a path
must be split into a deletion event followed by a creation event, which
means that we need to have two independent metainfo lines for each.
However, the code reused the single set of metainfo lines.
As the blob object names recorded on the index lines are usually not used
nor validated on the receiving end, this is not an issue with normal use
of the resulting patch. However, when accepting a binary patch to delete
a blob, git-apply verified that the postimage blob object name on the
index line is 0{40}, hence a patch that deletes a regular file blob that
records binary contents to create a blob with different filetype (e.g. a
symbolic link) failed to apply. "git am -3" also uses the blob object
names recorded on the index line, so it would also misbehave when
synthesizing a preimage tree.
This moves the code to generate metainfo lines around, so that two
independent sets of metainfo lines are used for the split halves.
Additional tests by Jeff King.
Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Include examples of using HEAD. The order of examples
introduces new concepts one by one. This pushes the
example of deleting a ref to the end of the list.
Junio C Hamano [Mon, 26 Jan 2009 06:25:20 +0000 (22:25 -0800)]
Documentation: simplify refspec format description
The refspec format description was a mix of regexp and BNF, making it
very difficult to read. The format was also wrong: it did not show
that each part of a refspec is optional in different situations.
Rather than having a confusing grammar, just present the format in
informal prose.
Signed-off-by: Anders Melchiorsen <mail@cup.kalibalik.dk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Sat, 24 Jan 2009 03:04:48 +0000 (19:04 -0800)]
Merge branch 'tr/maint-no-index-fixes' into maint
* tr/maint-no-index-fixes:
diff --no-index -q: fix endless loop
diff --no-index: test for pager after option parsing
diff: accept -- when using --no-index
Junio C Hamano [Sat, 24 Jan 2009 02:59:26 +0000 (18:59 -0800)]
Merge branch 'am/maint-push-doc' into maint
* am/maint-push-doc:
Documentation: avoid using undefined parameters
Documentation: mention branches rather than heads
Documentation: remove a redundant elaboration
Documentation: git push repository can also be a remote
The documentation for git-describe says the default abbreviation is 8
hexadecimal digits while cache.c clearly shows DEFAULT_ABBREV set to 7.
This patch corrects the documentation.
Signed-off-by: Boyd Stephen Smith Jr <bss@iguanasuicide.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Björn Steinbrink [Tue, 20 Jan 2009 15:59:57 +0000 (16:59 +0100)]
Rename detection: Avoid repeated filespec population
In diffcore_rename, we assume that the blob contents in the filespec
aren't required anymore after estimate_similarity has been called and thus
we free it. But estimate_similarity might return early when the file sizes
differ too much. In that case, cnt_data is never set and the next call to
estimate_similarity will populate the filespec again, eventually rereading
the same blob over and over again.
To fix that, we first get the blob sizes and only when the blob contents
are actually required, and when cnt_data will be set, the full filespec is
populated, once.
Signed-off-by: Björn Steinbrink <B.Steinbrink@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Keith Cascio [Thu, 15 Jan 2009 00:48:24 +0000 (16:48 -0800)]
test more combinations of ignore-whitespace options to diff
There are three flags involved (-w -b and --ignore-space-at-eol) which
makes 8 combinations possible in total, but only 3 cases are tested (none,
-w alone and -b alone).
This adds the other 5 cases.
Signed-off-by: Keith Cascio <keith@cs.ucla.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
The "matching refs" semantics works only on matching branches these days.
Instead of using "heads" which traditionally has been used more or less
interchangeably with "refs", say "branch" explicitly here.
Signed-off-by: Anders Melchiorsen <mail@cup.kalibalik.dk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Sun, 18 Jan 2009 06:27:08 +0000 (22:27 -0800)]
bundle: allow the same ref to be given more than once
"git bundle create x master master" used to create a bundle that lists
the same branch (master) twice. Cloning from such a bundle resulted in
a needless warning "warning: Duplicated ref: refs/remotes/origin/master".
Junio C Hamano [Sun, 18 Jan 2009 06:39:49 +0000 (22:39 -0800)]
Merge branch 'maint-1.6.0' into maint
* maint-1.6.0:
builtin-fsck: fix off by one head count
Documentation: let asciidoc align related options
githooks.txt: add missing word
builtin-commit.c: do not remove COMMIT_EDITMSG
Christian Couder [Sun, 18 Jan 2009 03:46:09 +0000 (04:46 +0100)]
builtin-fsck: fix off by one head count
According to the man page, if "git fsck" is passed one or more heads, it
should verify connectivity and validity of only objects reachable from the
heads it is passed.
However, since 5ac0a20 (Make builtin-fsck.c use parse_options.,
2007-10-15) the command behaved as if no heads were passed, when given
only one argument.
Signed-off-by: Christian Couder <chriscool@tuxfamily.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
When HEAD is detached, --all should list it, too, logically, as a
detached HEAD is by definition a temporary, unnamed branch.
It is especially necessary to list it when garbage collecting, as
the detached HEAD would be trashed.
Noticed by Thomas Rast.
Note that this affects creating bundles with --all; I contend that it
is a good change to add the HEAD, so that cloning from such a bundle
will give you a current branch. However, I had to fix t5701 as it
assumed that --all does not imply HEAD.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
SZEDER Gábor [Fri, 16 Jan 2009 15:37:33 +0000 (16:37 +0100)]
Fix gitdir detection when in subdir of gitdir
If the current working directory is a subdirectory of the gitdir (e.g.
<repo>/.git/refs/), then setup_git_directory_gently() will climb its
parent directories until it finds itself in a gitdir. However, no
matter how many parent directories it climbs, it sets
'GIT_DIR_ENVIRONMENT' to ".", which is obviously wrong.
This behaviour affected at least 'git rev-parse --git-dir' and hence
caused some errors in bash completion (e.g. customized command prompt
when on a detached head and completion of refs).
To fix this, we set the absolute path of the found gitdir instead.
Signed-off-by: SZEDER Gábor <szeder@ira.uka.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
http-push: when making directories, have a trailing slash in the path name
The function lock_remote() sends MKCOL requests to make leading
directories; However, if it does not put a forward slash '/' at the end of
the path, the server sends a 301 redirect.
By leaving the '/' in place, we can avoid this additional step.
Incidentally, at least one version of Curl (7.16.3) does not resend
credentials when it follows a 301 redirect, so this commit also fixes
a bug.
Original patch by Tay Ray Chuan <rctay89@gmail.com>.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
When getting the result of remote_ls(), we were advancing the variable
"path" to the relative path inside the repository.
However, then we went on to malloc a bogus amount of memory: we were
subtracting the prefix length _again_, quite possibly getting something
negative, which xmalloc() interprets as really, really much.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Command line options can share the same paragraph of description, if
they are related or synonymous. In these cases they should be written
among each other, so that asciidoc can format them itself.
Signed-off-by: Markus Heidelberg <markus.heidelberg@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Stephan Beyer [Fri, 16 Jan 2009 19:40:05 +0000 (20:40 +0100)]
builtin-commit.c: do not remove COMMIT_EDITMSG
git-commit tries to remove the file ./COMMIT_EDITMSG instead of
$GIT_DIR/COMMIT_EDITMSG after commit preparation (e.g. running
hooks, launching editor).
This behavior exists since f5bbc3225c4b07 "Port git commit to C".
Some test cases (e.g. t/t7502-commit.sh) rely on the existence of
$GIT_DIR/COMMIT_EDITMSG after committing and, I guess, many people
are used to it. So it is best not to remove it.
This patch just removes the removal of COMMIT_EDITMSG.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Thu, 15 Jan 2009 22:33:54 +0000 (14:33 -0800)]
Merge branch 'maint-1.6.0' into maint
* maint-1.6.0:
t3404: Add test case for auto-amending only edited commits after "edit"
t3404: Add test case for aborted --continue after "edit"
t3501: check that commits are actually done
Stephan Beyer [Thu, 15 Jan 2009 13:03:17 +0000 (14:03 +0100)]
t3501: check that commits are actually done
The basic idea of t3501 is to check whether revert
and cherry-pick works on renamed files.
But as there is no pure cherry-pick/revert test, it is
good to also check if commits are actually done in that
scenario.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Michael J Gruber [Wed, 14 Jan 2009 17:03:22 +0000 (18:03 +0100)]
fix handling of multiple untracked files for git mv -k
The "-k" option to "git mv" should allow specifying multiple untracked
files. Currently, multiple untracked files raise an assertion if they
appear consecutively as arguments. Fix this by decrementing the loop
index after removing one entry from the array of arguments.
Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Michael J Gruber [Wed, 14 Jan 2009 17:03:21 +0000 (18:03 +0100)]
add test cases for "git mv -k"
Add test cases for ignoring nonexisting and untracked files using the -k
option to "git mv". There is one known breakage related to multiple
untracked files specfied as consecutive arguments.
Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Felipe Contreras [Wed, 14 Jan 2009 01:37:07 +0000 (03:37 +0200)]
fast-import: Cleanup mode setting.
"S_IFREG | mode" makes only sense for 0644 and 0755.
Even though doing (S_IFREG | mode) may not hurt when mode is any other
supported value, that is only true because S_IFREG mode bit happens to
be already on for S_IFLNK or S_IFGITLINK.
Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com> Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Tue, 13 Jan 2009 09:13:56 +0000 (01:13 -0800)]
Merge branch 'cb/maint-merge-recursive-fix' into maint
* cb/maint-merge-recursive-fix:
merge-recursive: do not clobber untracked working tree garbage
modify/delete conflict resolution overwrites untracked file
Junio C Hamano [Mon, 12 Jan 2009 23:18:02 +0000 (15:18 -0800)]
Teach format-patch to handle output directory relative to cwd
Without any explicit -o parameter, we correctly avoided putting the
resulting patch output to the toplevel. We should do the same when
the user gave a relative pathname to be consistent with this case.