From cc2082aa9bafaf1ff541fca22cccc86ec1461f65 Mon Sep 17 00:00:00 2001 From: Martin Marmsoler Date: Tue, 11 Jun 2024 23:12:41 +0200 Subject: [PATCH 1/4] Add assert Description: In an older version of libgit2 in git_object_lookup_prefix was a check that repo is valid, but now there is repo->oid_type in the git_object_lookup and must be checked as well --- src/libgit2/object.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libgit2/object.c b/src/libgit2/object.c index 5fab77e6ae3..70e28c2c034 100644 --- a/src/libgit2/object.c +++ b/src/libgit2/object.c @@ -281,6 +281,7 @@ int git_object_lookup_prefix( } int git_object_lookup(git_object **object_out, git_repository *repo, const git_oid *id, git_object_t type) { + GIT_ASSERT_ARG(repo); return git_object_lookup_prefix(object_out, repo, id, git_oid_hexsize(repo->oid_type), type); } From 65a7ff06440afbea2576db44122ee5a20aa30b0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 28 Aug 2024 15:28:35 +0200 Subject: [PATCH 2/4] =?UTF-8?q?http:=20Initialize=20=E2=80=98on=5Fstatus?= =?UTF-8?q?=E2=80=99=20when=20using=20the=20http-parser=20backend.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes a bug likely introduced in d396819101a67c652af0fa0ae65cda19a2c0430a (in 1.8.1) whereby ‘proxy_settings.on_status’ would be left uninitialized when using the ‘http-parser’ backend, eventually leading to a segfault in ‘http_parser_execute’. Valgrind would report use of the uninitialized value like so: Conditional jump or move depends on uninitialised value(s) at 0x50CD533: http_parser_execute (http_parser.c:910) by 0x4928504: git_http_parser_execute (httpparser.c:82) by 0x4925C42: client_read_and_parse (httpclient.c:1178) by 0x4926F27: git_http_client_read_response (httpclient.c:1458) by 0x49255FE: http_stream_read (http.c:427) by 0x4929B90: git_smart__recv (smart.c:29) by 0x492C147: git_smart__store_refs (smart_protocol.c:58) by 0x4929F6C: git_smart__connect (smart.c:171) by 0x4904DCE: git_remote_connect_ext (remote.c:963) by 0x48A15D2: clone_into (clone.c:449) by 0x48A15D2: git__clone (clone.c:546) by 0x4010E9: main (libgit2-proxy.c:20) --- src/libgit2/transports/httpparser.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/libgit2/transports/httpparser.c b/src/libgit2/transports/httpparser.c index 50ba6d2e0cd..c19499b84f4 100644 --- a/src/libgit2/transports/httpparser.c +++ b/src/libgit2/transports/httpparser.c @@ -71,6 +71,7 @@ size_t git_http_parser_execute( { struct http_parser_settings settings_proxy; + settings_proxy.on_status = NULL; settings_proxy.on_message_begin = parser->settings.on_message_begin ? on_message_begin : NULL; settings_proxy.on_url = parser->settings.on_url ? on_url : NULL; settings_proxy.on_header_field = parser->settings.on_header_field ? on_header_field : NULL; @@ -78,6 +79,8 @@ size_t git_http_parser_execute( settings_proxy.on_headers_complete = parser->settings.on_headers_complete ? on_headers_complete : NULL; settings_proxy.on_body = parser->settings.on_body ? on_body : NULL; settings_proxy.on_message_complete = parser->settings.on_message_complete ? on_message_complete : NULL; + settings_proxy.on_chunk_header = NULL; + settings_proxy.on_chunk_complete = NULL; return http_parser_execute(&parser->parser, &settings_proxy, data, len); } From a44f198f925db5acfdc9585e5c03ec373cd781c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 29 Aug 2024 20:38:55 +0000 Subject: [PATCH 3/4] Apply suggestions from code review Co-authored-by: Edward Thomson --- src/libgit2/transports/httpparser.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/libgit2/transports/httpparser.c b/src/libgit2/transports/httpparser.c index c19499b84f4..84833e61737 100644 --- a/src/libgit2/transports/httpparser.c +++ b/src/libgit2/transports/httpparser.c @@ -71,7 +71,8 @@ size_t git_http_parser_execute( { struct http_parser_settings settings_proxy; - settings_proxy.on_status = NULL; + memset(&settings_proxy, 0, sizeof(struct http_parser_settings)); + settings_proxy.on_message_begin = parser->settings.on_message_begin ? on_message_begin : NULL; settings_proxy.on_url = parser->settings.on_url ? on_url : NULL; settings_proxy.on_header_field = parser->settings.on_header_field ? on_header_field : NULL; @@ -79,8 +80,6 @@ size_t git_http_parser_execute( settings_proxy.on_headers_complete = parser->settings.on_headers_complete ? on_headers_complete : NULL; settings_proxy.on_body = parser->settings.on_body ? on_body : NULL; settings_proxy.on_message_complete = parser->settings.on_message_complete ? on_message_complete : NULL; - settings_proxy.on_chunk_header = NULL; - settings_proxy.on_chunk_complete = NULL; return http_parser_execute(&parser->parser, &settings_proxy, data, len); } From da3db6368817d3bc45abb94df61ce8487b49dc7b Mon Sep 17 00:00:00 2001 From: Edward Thomson Date: Sat, 26 Oct 2024 19:36:15 +0100 Subject: [PATCH 4/4] v1.8.3: update changelog and version numbers --- CMakeLists.txt | 2 +- docs/changelog.md | 39 +++++++++++++++++++++++++++++++++++++++ include/git2/version.h | 4 ++-- package.json | 2 +- 4 files changed, 43 insertions(+), 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 9ca8882a00e..83b62185848 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,7 +6,7 @@ cmake_minimum_required(VERSION 3.5.1) -project(libgit2 VERSION "1.8.1" LANGUAGES C) +project(libgit2 VERSION "1.8.3" LANGUAGES C) # Add find modules to the path set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${PROJECT_SOURCE_DIR}/cmake") diff --git a/docs/changelog.md b/docs/changelog.md index a35a389a4c6..f4ac83fb406 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -1,3 +1,42 @@ +v1.8.3 +------ + +This release fixes a bug introduced in v1.8.1 for users of the legacy +[Node.js http-parser](https://github.com/nodejs/http-parser) +dependency. + +## What's Changed + +### Bug fixes + +* http: Backport on_status initialize fix for http-parser by @ethomson in https://github.com/libgit2/libgit2/pull/6931 + +v1.8.2 +------ + +This release reverts a const-correctness change introduced in +v1.8.0 for the `git_commit_create` functions. We now retain the +const-behavior for the `commits` arguments from prior to v1.8.0. + +This change was meant to resolve compatibility issues with bindings +and downstream users. + +## What's Changed + +### New features + +* Introduce a stricter debugging allocator for testing by @ethomson in https://github.com/libgit2/libgit2/pull/6811 + +### Bug fixes + +* Fix constness issue introduced in #6716 by @ethomson in https://github.com/libgit2/libgit2/pull/6829 + +### Build and CI improvements + +* README: add experimental builds to ci table by @ethomson in https://github.com/libgit2/libgit2/pull/6816 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.8.1...v1.8.2 + v1.8.1 ------ diff --git a/include/git2/version.h b/include/git2/version.h index 33c96254cee..906fa61c642 100644 --- a/include/git2/version.h +++ b/include/git2/version.h @@ -11,7 +11,7 @@ * The version string for libgit2. This string follows semantic * versioning (v2) guidelines. */ -#define LIBGIT2_VERSION "1.8.1" +#define LIBGIT2_VERSION "1.8.3" /** The major version number for this version of libgit2. */ #define LIBGIT2_VER_MAJOR 1 @@ -20,7 +20,7 @@ #define LIBGIT2_VER_MINOR 8 /** The revision ("teeny") version number for this version of libgit2. */ -#define LIBGIT2_VER_REVISION 1 +#define LIBGIT2_VER_REVISION 3 /** The Windows DLL patch number for this version of libgit2. */ #define LIBGIT2_VER_PATCH 0 diff --git a/package.json b/package.json index 6c1cb286ebd..b67c559024e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "libgit2", - "version": "1.8.1", + "version": "1.8.3", "repo": "https://github.com/libgit2/libgit2", "description": " A cross-platform, linkable library implementation of Git that you can use in your application.", "install": "mkdir build && cd build && cmake .. && cmake --build ."