| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Use the new object_type enumeration names within the codebase.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test submodule::lookup::duplicated_path, which tries to verify that
we detect submodules with duplicated paths, currently relies on the
gitmodules file of "submod2_target". While this file has two gitmodules
with the same path, one of these gitmodules has an empty name and thus
does not pass `git_submodule_name_is_valid`. Because of this, the test
is in fact dependent on the iteration order in which we process the
submodules. In fact the "valid" submodule comes first, the "invalid"
submodule will cause the desired error. In fact the "invalid" submodule
comes first, it will be skipped due to its name being invalid, and we
will not see the desired error. While this works on the master branch
just right due to the refactoring of our config code, where iteration
order is now deterministic, this breaks on all older maintenance
branches.
Fix the issue by simply using `cl_git_rewritefile` to rewrite the
gitmodules file. This greatly simplifies the test and also makes the
intentions of it much clearer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When loading submodule names, we build a map of submodule paths and
their respective names. While looping over the configuration keys,
we do not check though whether a submodule path was seen already. This
leads to a memory leak in case we have multiple submodules with the same
path, as we just overwrite the old value in the map in that case.
Fix the error by verifying that the path to be added is not yet part of
the string map. Git does not allow to have multiple submodules for a
path anyway, so we now do the same and detect this duplication,
reporting it to the user.
|
| | |
|
| |
|
|
|
|
|
|
| |
Otherwise we would also admit `..\..\foo\bar` as a valid path and fail to
protect Windows users.
Ideally we would check for both separators without the need for the copied
string, but this'll get us over the RCE.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the we decide that the "name" of the submodule (i.e. its path inside
`.git/modules/`) is trying to escape that directory or otherwise trick us, we
ignore the configuration for that submodule.
This leaves us with a half-configured submodule when looking it up by path, but
it's the same result as if the configuration really were missing.
The name check is potentially more strict than it needs to be, but it lets us
re-use the check we're doing for the checkout. The function that encapsulates
this logic is ready to be exported but we don't want to do that in a security
release so it remains internal for now.
|
| |
|
|
| |
We should pretend such submdules do not exist as it can lead to RCE.
|
| |\
| |
| | |
Submodules-API should report .gitmodules parse errors instead of ignoring them
|
| | |
| |
| |
| | |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/
|
|
|
|
|
| |
submodule: check path and prefix before adding submodule
submodule: fix test errors
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
While it is technically possible to look up submodules inside of a
bare repository by reading the submodule configuration of a specific
commit, we do not offer this functionality right now. As such, calling
both `git_submodule_lookup` and `git_submodule_foreach` should error out
early when these functions encounter a bare repository. While
`git_submodule_lookup` already does return an error due to not being
able to parse the configuration, `git_submodule_foreach` simply returns
success and never invokes the callback function.
Fix the issue by having both functions check whether the repository is
bare and returning an error in that case.
|
| | |
|
| |
|
|
|
|
|
| |
The testcase "submodule::lookup::cached" was declared with a single
underscore separating the test suide and test name, only. As the clar
parser only catches tests with two underscores, it was never executed.
Add in the second underscore to actually have it detected and executed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To determine if a repository is a worktree or not, we currently check
for the existence of a "gitdir" file inside of the repository's gitdir.
While this is sufficient for non-broken repositories, we have at least
one case of a subtly broken repository where there exists a gitdir file
inside of a gitmodule. This will cause us to misidentify the submodule
as a worktree.
While this is not really a fault of ours, we can do better here by
observing that a repository can only ever be a worktree iff its common
directory and dotgit directory are different. This allows us to make our
check whether a repo is a worktree or not more strict by doing a simple
string comparison of these two directories. This will also allow us to
do the right thing in the above case of a broken repository, as for
submodules these directories will be the same. At the same time, this
allows us to skip the `stat` check for the "gitdir" file for most
repositories.
|
| | |
|
| |
|
|
|
|
| |
Provide more detailed messages when conditions pass or fail
unexpectedly. In particular, this provides the error messages when a
test fails with a different error code than was expected.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added `git_repository_submodule_cache_all` to initialze a cache of
submodules on the repository so that operations looking up N
submodules are O(N) and not O(N^2). Added a
`git_repository_submodule_cache_clear` function to remove the cache.
Also optimized the function that loads all submodules as it was itself
O(N^2) w.r.t the number of submodules, having to loop through the
`.gitmodules` file once per submodule. I changed it to process the
`.gitmodules` file once, into a map.
Signed-off-by: David Turner <dturner@twosigma.com>
|
| | |
|
| | |
|
| |
|
|
|
| |
Test that `git_submodule_update` can handle a submodule that is
freshly cloned and has a path differing from its name.
|
| |\
| |
| | |
Win32 Reserved names: don't reserve names outside the working directory
|
| | |
| |
| |
| |
| |
| |
| | |
Test an initial submodule update, where we are trying to checkout
the submodule for the first time, and placing a file within the
submodule working directory with the same name as the submodule
(and consequently, the same name as the repository itself).
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Untangle git_futils_mkdir from git_futils_mkdir_ext - the latter
assumes that we own everything beneath the base, as if it were
being called with a base of the repository or working directory,
and is tailored towards checkout and ensuring that there is no
bogosity beneath the base that must be cleaned up.
This is (at best) slow and (at worst) unsafe in the larger context
of a filesystem where we do not own things and cannot do things like
unlink symlinks that are in our way.
|
| | |
|
| | |
|
| |\
| |
| | |
Normalize submodule urls before looking at them
|
| | | |
|
| |\ \
| | |
| | | |
Allow adding a submodule through git_index_add_bypath
|
| | |/
| |
| |
| |
| | |
This also affects `git_index_add_bypath()` by providing a better error
message and a specific error code when a directory is passed.
|
| |/
|
|
|
|
| |
When we rename a submodule, we should be merging two sets of information
based on whether their path is the same. We currently only deduplicate
on equal name, which causes us to double-report.
|
| |
|
|
|
| |
When two submodules are fairly similar, we may end up loading the wrong
one.
|
| |
|
|
|
|
|
|
| |
The function was removed, but its declaration and changelog entry about
its removal were forgotten.
The comment in the test doesn't make any sense as the function doesn't
exist anymore, so get rid of it as well.
|
| |
|
|
|
| |
We allow looking up a submodule by path, but we lost the path
normalisation during the recent changes. Bring it back.
|
| |
|
|
|
| |
Fallback describes the mechanism, while unspecified explains what the
user is thinking.
|
| |
|
|
|
|
| |
In addition to mapping enums to strings in the configuration, we need to
know to delete the configuration option when given the "none" or "no"
option.
|
| |
|
|
|
|
| |
The current code will always fail, but only because it's asking for a
string on a live config. Take a snapshot and make sure we fail with
ENOTFOUND instead of any old error.
|
| | |
|
| |
|
|
|
| |
We no longer have any setters which affect an instance, so
`git_submodule_save()` is no longer relevant.
|
| |
|
|
| |
With this one, we can get rid of the edit_and_save test.
|
| | |
|
| |
|
|
|
|
| |
Similarly to the other ones. In this test we copy over testing
`RECURSE_YES` which shows an error in our handling of the `YES` variant
which we may have to port to the rest.
|
