rugged 1.2.0 → 1.3.2

data/vendor/libgit2/src/indexer.c

@@ -601,9 +601,10 @@ static void hash_partially(git_indexer *idx, const uint8_t *data, size_t size)
 	idx->inbuf_len += size - to_expell;
 }
 
+#if defined(NO_MMAP) || !defined(GIT_WIN32)
+
 static int write_at(git_indexer *idx, const void *data, off64_t offset, size_t size)
 {
-#ifdef NO_MMAP
 	size_t remaining_size = size;
 	const char *ptr = (const char *)data;
 
@@ -619,7 +620,31 @@ static int write_at(git_indexer *idx, const void *data, off64_t offset, size_t s
 		offset += nb;
 		remaining_size -= nb;
 	}
+
+	return 0;
+}
+
+static int append_to_pack(git_indexer *idx, const void *data, size_t size)
+{
+	if (write_at(idx, data, idx->pack->mwf.size, size) < 0) {
+		git_error_set(GIT_ERROR_OS, "cannot extend packfile '%s'", idx->pack->pack_name);
+		return -1;
+	}
+
+	return 0;
+}
+
 #else
+
+/*
+ * Windows may keep different views to a networked file for the mmap- and
+ * open-accessed versions of a file, so any writes done through
+ * `write(2)`/`pwrite(2)` may not be reflected on the data that `mmap(2)` is
+ * able to read.
+ */
+
+static int write_at(git_indexer *idx, const void *data, off64_t offset, size_t size)
+{
 	git_file fd = idx->pack->mwf.fd;
 	size_t mmap_alignment;
 	size_t page_offset;
@@ -644,7 +669,6 @@ static int write_at(git_indexer *idx, const void *data, off64_t offset, size_t s
 	map_data = (unsigned char *)map.data;
 	memcpy(map_data + page_offset, data, size);
 	p_munmap(&map);
-#endif
 
 	return 0;
 }
@@ -680,6 +704,8 @@ static int append_to_pack(git_indexer *idx, const void *data, size_t size)
 	return write_at(idx, data, idx->pack->mwf.size, size);
 }
 
+#endif
+
 static int read_stream_object(git_indexer *idx, git_indexer_progress *stats)
 {
 	git_packfile_stream *stream = &idx->stream;
@@ -1279,11 +1305,19 @@ int git_indexer_commit(git_indexer *idx, git_indexer_progress *stats)
 	if (git_mwindow_free_all(&idx->pack->mwf) < 0)
 		goto on_error;
 
-	/* Truncate file to undo rounding up to next page_size in append_to_pack */
+#if !defined(NO_MMAP) && defined(GIT_WIN32)
+	/*
+	 * Some non-Windows remote filesystems fail when truncating files if the
+	 * file permissions change after opening the file (done by p_mkstemp).
+	 *
+	 * Truncation is only needed when mmap is used to undo rounding up to next
+	 * page_size in append_to_pack.
+	 */
 	if (p_ftruncate(idx->pack->mwf.fd, idx->pack->mwf.size) < 0) {
 		git_error_set(GIT_ERROR_OS, "failed to truncate pack file '%s'", idx->pack->pack_name);
 		return -1;
 	}
+#endif
 
 	if (idx->do_fsync && p_fsync(idx->pack->mwf.fd) < 0) {
 		git_error_set(GIT_ERROR_OS, "failed to fsync packfile");

data/vendor/libgit2/src/libgit2.c

@@ -52,6 +52,7 @@ static void libgit2_settings_global_shutdown(void)
 {
 	git__free(git__user_agent);
 	git__free(git__ssl_ciphers);
+	git_repository__free_extensions();
 }
 
 static int git_libgit2_settings_global_init(void)
@@ -367,6 +368,36 @@ int git_libgit2_opts(int key, ...)
 		git_odb__loose_priority = va_arg(ap, int);
 		break;
 
+	case GIT_OPT_SET_EXTENSIONS:
+		{
+			const char **extensions = va_arg(ap, const char **);
+			size_t len = va_arg(ap, size_t);
+			error = git_repository__set_extensions(extensions, len);
+		}
+		break;
+
+	case GIT_OPT_GET_EXTENSIONS:
+		{
+			git_strarray *out = va_arg(ap, git_strarray *);
+			char **extensions;
+			size_t len;
+
+			if ((error = git_repository__extensions(&extensions, &len)) < 0)
+				break;
+
+			out->strings = extensions;
+			out->count = len;
+		}
+		break;
+
+	case GIT_OPT_GET_OWNER_VALIDATION:
+		*(va_arg(ap, int *)) = git_repository__validate_ownership;
+		break;
+
+	case GIT_OPT_SET_OWNER_VALIDATION:
+		git_repository__validate_ownership = (va_arg(ap, int) != 0);
+		break;
+
 	default:
 		git_error_set(GIT_ERROR_INVALID, "invalid option key");
 		error = -1;

data/vendor/libgit2/src/merge.c

@@ -816,8 +816,11 @@ static int merge_conflict_resolve_one_renamed(
 		conflict->type == GIT_MERGE_DIFF_RENAMED_ADDED)
 		return 0;
 
-	ours_changed = (git_oid__cmp(&conflict->ancestor_entry.id, &conflict->our_entry.id) != 0);
-	theirs_changed = (git_oid__cmp(&conflict->ancestor_entry.id, &conflict->their_entry.id) != 0);
+	ours_changed = (git_oid__cmp(&conflict->ancestor_entry.id, &conflict->our_entry.id) != 0) ||
+		(conflict->ancestor_entry.mode != conflict->our_entry.mode);
+
+	theirs_changed = (git_oid__cmp(&conflict->ancestor_entry.id, &conflict->their_entry.id) != 0) ||
+		(conflict->ancestor_entry.mode != conflict->their_entry.mode);
 
 	/* if both are modified (and not to a common target) require a merge */
 	if (ours_changed && theirs_changed &&
@@ -1151,7 +1154,7 @@ static void deletes_by_oid_free(git_oidmap *map) {
 	git_oidmap_free(map);
 }
 
-static int deletes_by_oid_enqueue(git_oidmap *map, git_pool* pool, const git_oid *id, size_t idx)
+static int deletes_by_oid_enqueue(git_oidmap *map, git_pool *pool, const git_oid *id, size_t idx)
 {
 	deletes_by_oid_queue *queue;
 	size_t *array_entry;
@@ -2366,7 +2369,7 @@ done:
 
 	git_annotated_commit_free(other);
 	git_annotated_commit_free(new_base);
-	git_oidarray_free(&bases);
+	git_oidarray_dispose(&bases);
 	git_array_clear(head_ids);
 	return error;
 }

data/vendor/libgit2/src/notes.c

@@ -407,31 +407,33 @@ cleanup:
 	return error;
 }
 
-static int note_get_default_ref(char **out, git_repository *repo)
+static int note_get_default_ref(git_buf *out, git_repository *repo)
 {
 	git_config *cfg;
-	int ret = git_repository_config__weakptr(&cfg, repo);
+	int error;
+
+	if ((error = git_repository_config__weakptr(&cfg, repo)) < 0)
+		return error;
 
-	*out = (ret != 0) ? NULL : git_config__get_string_force(
-		cfg, "core.notesref", GIT_NOTES_DEFAULT_REF);
+	error = git_config_get_string_buf(out, cfg, "core.notesref");
 
-	return ret;
+	if (error == GIT_ENOTFOUND)
+		error = git_buf_puts(out, GIT_NOTES_DEFAULT_REF);
+
+	return error;
 }
 
-static int normalize_namespace(char **out, git_repository *repo, const char *notes_ref)
+static int normalize_namespace(git_buf *out, git_repository *repo, const char *notes_ref)
 {
-	if (notes_ref) {
-		*out = git__strdup(notes_ref);
-		GIT_ERROR_CHECK_ALLOC(*out);
-		return 0;
-	}
+	if (notes_ref)
+		return git_buf_puts(out, notes_ref);
 
 	return note_get_default_ref(out, repo);
 }
 
 static int retrieve_note_commit(
 	git_commit **commit_out,
-	char **notes_ref_out,
+	git_buf *notes_ref_out,
 	git_repository *repo,
 	const char *notes_ref)
 {
@@ -441,7 +443,7 @@ static int retrieve_note_commit(
 	if ((error = normalize_namespace(notes_ref_out, repo, notes_ref)) < 0)
 		return error;
 
-	if ((error = git_reference_name_to_id(&oid, repo, *notes_ref_out)) < 0)
+	if ((error = git_reference_name_to_id(&oid, repo, notes_ref_out->ptr)) < 0)
 		return error;
 
 	if (git_commit_lookup(commit_out, repo, &oid) < 0)
@@ -476,7 +478,7 @@ int git_note_read(git_note **out, git_repository *repo,
 		  const char *notes_ref_in, const git_oid *oid)
 {
 	int error;
-	char *notes_ref = NULL;
+	git_buf notes_ref = GIT_BUF_INIT;
 	git_commit *commit = NULL;
 
 	error = retrieve_note_commit(&commit, &notes_ref, repo, notes_ref_in);
@@ -487,7 +489,7 @@ int git_note_read(git_note **out, git_repository *repo,
 	error = git_note_commit_read(out, repo, commit, oid);
 
 cleanup:
-	git__free(notes_ref);
+	git_buf_dispose(&notes_ref);
 	git_commit_free(commit);
 	return error;
 }
@@ -534,7 +536,7 @@ int git_note_create(
 	int allow_note_overwrite)
 {
 	int error;
-	char *notes_ref = NULL;
+	git_buf notes_ref = GIT_BUF_INIT;
 	git_commit *existing_notes_commit = NULL;
 	git_reference *ref = NULL;
 	git_oid notes_blob_oid, notes_commit_oid;
@@ -553,14 +555,14 @@ int git_note_create(
 	if (error < 0)
 		goto cleanup;
 
-	error = git_reference_create(&ref, repo, notes_ref,
+	error = git_reference_create(&ref, repo, notes_ref.ptr,
 				&notes_commit_oid, 1, NULL);
 
 	if (out != NULL)
 		git_oid_cpy(out, &notes_blob_oid);
 
 cleanup:
-	git__free(notes_ref);
+	git_buf_dispose(&notes_ref);
 	git_commit_free(existing_notes_commit);
 	git_reference_free(ref);
 	return error;
@@ -596,7 +598,7 @@ int git_note_remove(git_repository *repo, const char *notes_ref_in,
 		const git_oid *oid)
 {
 	int error;
-	char *notes_ref_target = NULL;
+	git_buf notes_ref_target = GIT_BUF_INIT;
 	git_commit *existing_notes_commit = NULL;
 	git_oid new_notes_commit;
 	git_reference *notes_ref = NULL;
@@ -612,11 +614,11 @@ int git_note_remove(git_repository *repo, const char *notes_ref_in,
 	if (error < 0)
 		goto cleanup;
 
-	error = git_reference_create(&notes_ref, repo, notes_ref_target,
+	error = git_reference_create(&notes_ref, repo, notes_ref_target.ptr,
 			&new_notes_commit, 1, NULL);
 
 cleanup:
-	git__free(notes_ref_target);
+	git_buf_dispose(&notes_ref_target);
 	git_reference_free(notes_ref);
 	git_commit_free(existing_notes_commit);
 	return error;
@@ -624,18 +626,16 @@ cleanup:
 
 int git_note_default_ref(git_buf *out, git_repository *repo)
 {
-	char *default_ref;
 	int error;
 
 	GIT_ASSERT_ARG(out);
 	GIT_ASSERT_ARG(repo);
 
 	if ((error = git_buf_sanitize(out)) < 0 ||
-	    (error = note_get_default_ref(&default_ref, repo)) < 0)
-		return error;
+	    (error = note_get_default_ref(out, repo)) < 0)
+		git_buf_dispose(out);
 
-	git_buf_attach(out, default_ref, strlen(default_ref));
-	return 0;
+	return error;
 }
 
 const git_signature *git_note_committer(const git_note *note)
@@ -674,7 +674,7 @@ void git_note_free(git_note *note)
 }
 
 static int process_entry_path(
-	const char* entry_path,
+	const char *entry_path,
 	git_oid *annotated_object_id)
 {
 	int error = 0;
@@ -780,7 +780,7 @@ int git_note_iterator_new(
 {
 	int error;
 	git_commit *commit = NULL;
-	char *notes_ref;
+	git_buf notes_ref = GIT_BUF_INIT;
 
 	error = retrieve_note_commit(&commit, &notes_ref, repo, notes_ref_in);
 	if (error < 0)
@@ -789,15 +789,15 @@ int git_note_iterator_new(
 	error = git_note_commit_iterator_new(it, commit);
 
 cleanup:
-	git__free(notes_ref);
+	git_buf_dispose(&notes_ref);
 	git_commit_free(commit);
 
 	return error;
 }
 
 int git_note_next(
-	git_oid* note_id,
-	git_oid* annotated_id,
+	git_oid *note_id,
+	git_oid *annotated_id,
 	git_note_iterator *it)
 {
 	int error;

data/vendor/libgit2/src/oidarray.c

@@ -10,7 +10,7 @@
 #include "git2/oidarray.h"
 #include "array.h"
 
-void git_oidarray_free(git_oidarray *arr)
+void git_oidarray_dispose(git_oidarray *arr)
 {
 	git__free(arr->ids);
 }
@@ -32,3 +32,12 @@ void git_oidarray__reverse(git_oidarray *arr)
 		git_oid_cpy(&arr->ids[(arr->count-1)-i], &tmp);
 	}
 }
+
+#ifndef GIT_DEPRECATE_HARD
+
+void git_oidarray_free(git_oidarray *arr)
+{
+	git_oidarray_dispose(arr);
+}
+
+#endif

data/vendor/libgit2/src/path.c

@@ -413,7 +413,7 @@ int git_path_to_dir(git_buf *path)
 	return git_buf_oom(path) ? -1 : 0;
 }
 
-void git_path_string_to_dir(char* path, size_t size)
+void git_path_string_to_dir(char *path, size_t size)
 {
 	size_t end = strlen(path);
 
@@ -2024,78 +2024,237 @@ done:
 	return supported;
 }
 
-int git_path_validate_system_file_ownership(const char *path)
+static git_path__mock_owner_t mock_owner = GIT_PATH_MOCK_OWNER_NONE;
+
+void git_path__set_owner(git_path__mock_owner_t owner)
+{
+	mock_owner = owner;
+}
+
+#ifdef GIT_WIN32
+static PSID *sid_dup(PSID sid)
+{
+	DWORD len;
+	PSID dup;
+
+	len = GetLengthSid(sid);
+
+	if ((dup = git__malloc(len)) == NULL)
+		return NULL;
+
+	if (!CopySid(len, dup, sid)) {
+		git_error_set(GIT_ERROR_OS, "could not duplicate sid");
+		git__free(dup);
+		return NULL;
+	}
+
+	return dup;
+}
+
+static int current_user_sid(PSID *out)
 {
-#ifndef GIT_WIN32
-	GIT_UNUSED(path);
-	return GIT_OK;
-#else
-	git_win32_path buf;
-	PSID owner_sid;
-	PSECURITY_DESCRIPTOR descriptor = NULL;
-	HANDLE token;
 	TOKEN_USER *info = NULL;
-	DWORD err, len;
-	int ret;
+	HANDLE token = NULL;
+	DWORD len = 0;
+	int error = -1;
 
-	if (git_win32_path_from_utf8(buf, path) < 0)
-		return -1;
+	if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token)) {
+		git_error_set(GIT_ERROR_OS, "could not lookup process information");
+		goto done;
+	}
+
+	if (GetTokenInformation(token, TokenUser, NULL, 0, &len) ||
+		GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
+		git_error_set(GIT_ERROR_OS, "could not lookup token metadata");
+		goto done;
+	}
 
-	err = GetNamedSecurityInfoW(buf, SE_FILE_OBJECT,
-				    OWNER_SECURITY_INFORMATION |
-					    DACL_SECURITY_INFORMATION,
-				    &owner_sid, NULL, NULL, NULL, &descriptor);
+	info = git__malloc(len);
+	GIT_ERROR_CHECK_ALLOC(info);
 
-	if (err == ERROR_FILE_NOT_FOUND || err == ERROR_PATH_NOT_FOUND) {
-		ret = GIT_ENOTFOUND;
-		goto cleanup;
+	if (!GetTokenInformation(token, TokenUser, info, len, &len)) {
+		git_error_set(GIT_ERROR_OS, "could not lookup current user");
+		goto done;
 	}
 
-	if (err != ERROR_SUCCESS) {
+	if ((*out = sid_dup(info->User.Sid)))
+		error = 0;
+
+done:
+	if (token)
+		CloseHandle(token);
+
+	git__free(info);
+	return error;
+}
+
+static int file_owner_sid(PSID *out, const char *path)
+{
+	git_win32_path path_w32;
+	PSECURITY_DESCRIPTOR descriptor = NULL;
+	PSID owner_sid;
+	DWORD ret;
+	int error = -1;
+
+	if (git_win32_path_from_utf8(path_w32, path) < 0)
+		return -1;
+
+	ret = GetNamedSecurityInfoW(path_w32, SE_FILE_OBJECT,
+		OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+		&owner_sid, NULL, NULL, NULL, &descriptor);
+
+	if (ret == ERROR_FILE_NOT_FOUND || ret == ERROR_PATH_NOT_FOUND)
+		error = GIT_ENOTFOUND;
+	else if (ret != ERROR_SUCCESS)
 		git_error_set(GIT_ERROR_OS, "failed to get security information");
-		ret = GIT_ERROR;
-		goto cleanup;
+	else if (!IsValidSid(owner_sid))
+		git_error_set(GIT_ERROR_OS, "file owner is not valid");
+	else if ((*out = sid_dup(owner_sid)))
+		error = 0;
+
+	if (descriptor)
+		LocalFree(descriptor);
+
+	return error;
+}
+
+int git_path_owner_is_current_user(bool *out, const char *path)
+{
+	PSID owner_sid = NULL, user_sid = NULL;
+	int error = -1;
+
+	if (mock_owner) {
+		*out = (mock_owner == GIT_PATH_MOCK_OWNER_CURRENT_USER);
+		return 0;
+	}
+
+	if ((error = file_owner_sid(&owner_sid, path)) < 0 ||
+	    (error = current_user_sid(&user_sid)) < 0)
+		goto done;
+
+	*out = EqualSid(owner_sid, user_sid);
+	error = 0;
+
+done:
+	git__free(owner_sid);
+	git__free(user_sid);
+	return error;
+}
+
+int git_path_owner_is_system(bool *out, const char *path)
+{
+	PSID owner_sid;
+
+	if (mock_owner) {
+		*out = (mock_owner == GIT_PATH_MOCK_OWNER_SYSTEM);
+		return 0;
 	}
 
-	if (!IsValidSid(owner_sid)) {
-		git_error_set(GIT_ERROR_INVALID, "programdata configuration file owner is unknown");
-		ret = GIT_ERROR;
-		goto cleanup;
+	if (file_owner_sid(&owner_sid, path) < 0)
+		return -1;
+
+	*out = IsWellKnownSid(owner_sid, WinBuiltinAdministratorsSid) ||
+	       IsWellKnownSid(owner_sid, WinLocalSystemSid);
+
+	git__free(owner_sid);
+	return 0;
+}
+
+int git_path_owner_is_system_or_current_user(bool *out, const char *path)
+{
+	PSID owner_sid = NULL, user_sid = NULL;
+	int error = -1;
+
+	if (mock_owner) {
+		*out = (mock_owner == GIT_PATH_MOCK_OWNER_SYSTEM ||
+		        mock_owner == GIT_PATH_MOCK_OWNER_CURRENT_USER);
+		return 0;
 	}
 
+	if (file_owner_sid(&owner_sid, path) < 0)
+		goto done;
+
 	if (IsWellKnownSid(owner_sid, WinBuiltinAdministratorsSid) ||
 	    IsWellKnownSid(owner_sid, WinLocalSystemSid)) {
-		ret = GIT_OK;
-		goto cleanup;
-	}
-
-	/* Obtain current user's SID */
-	if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token) &&
-	    !GetTokenInformation(token, TokenUser, NULL, 0, &len)) {
-		info = git__malloc(len);
-		GIT_ERROR_CHECK_ALLOC(info);
-		if (!GetTokenInformation(token, TokenUser, info, len, &len)) {
-			git__free(info);
-			info = NULL;
+		*out = 1;
+		error = 0;
+		goto done;
+	}
+
+	if (current_user_sid(&user_sid) < 0)
+		goto done;
+
+	*out = EqualSid(owner_sid, user_sid);
+	error = 0;
+
+done:
+	git__free(owner_sid);
+	git__free(user_sid);
+	return error;
+}
+
+#else
+
+static int path_owner_is(bool *out, const char *path, uid_t *uids, size_t uids_len)
+{
+	struct stat st;
+	size_t i;
+
+	*out = false;
+
+	if (p_lstat(path, &st) != 0) {
+		if (errno == ENOENT)
+			return GIT_ENOTFOUND;
+
+		git_error_set(GIT_ERROR_OS, "could not stat '%s'", path);
+		return -1;
+	}
+
+	for (i = 0; i < uids_len; i++) {
+		if (uids[i] == st.st_uid) {
+			*out = true;
+			break;
 		}
 	}
 
-	/*
-	 * If the file is owned by the same account that is running the current
-	 * process, it's okay to read from that file.
-	 */
-	if (info && EqualSid(owner_sid, info->User.Sid))
-		ret = GIT_OK;
-	else {
-		git_error_set(GIT_ERROR_INVALID, "programdata configuration file owner is not valid");
-		ret = GIT_ERROR;
+	return 0;
+}
+
+int git_path_owner_is_current_user(bool *out, const char *path)
+{
+	uid_t userid = geteuid();
+
+	if (mock_owner) {
+		*out = (mock_owner == GIT_PATH_MOCK_OWNER_CURRENT_USER);
+		return 0;
 	}
-	git__free(info);
 
-cleanup:
-	if (descriptor)
-		LocalFree(descriptor);
+	return path_owner_is(out, path, &userid, 1);
+}
 
-	return ret;
-#endif
+int git_path_owner_is_system(bool *out, const char *path)
+{
+	uid_t userid = 0;
+
+	if (mock_owner) {
+		*out = (mock_owner == GIT_PATH_MOCK_OWNER_SYSTEM);
+		return 0;
+	}
+
+	return path_owner_is(out, path, &userid, 1);
+}
+
+int git_path_owner_is_system_or_current_user(bool *out, const char *path)
+{
+	uid_t userids[2] = { geteuid(), 0 };
+
+	if (mock_owner) {
+		*out = (mock_owner == GIT_PATH_MOCK_OWNER_SYSTEM ||
+		        mock_owner == GIT_PATH_MOCK_OWNER_CURRENT_USER);
+		return 0;
+	}
+
+	return path_owner_is(out, path, userids, 2);
 }
+
+#endif