gitweb: Introduce esc_attr to escape attributes of HTML elements
It is needed only to escape attributes of handcrafted HTML elements,
and not those generated using CGI.pm subroutines / methods for HTML
generation.
While at it, add esc_url and esc_html where needed, and prefer to use
CGI.pm HTML generating methods than handcrafted HTML code. Most of
those are probably unnecessary (could be exploited only by person with
write access to gitweb config, or at least access to the repository).
This fixes CVE-2010-3906
Reported-by: Emanuele Gentili <e.gentili@tigersecurity.it> Helped-by: John 'Warthog9' Hawley <warthog9@kernel.org> Helped-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Merge branch 'master' (early part) into pd/bash-4-completion
* 'master' (early part): (529 commits)
completion: fix zsh check under bash with 'set -u'
Fix copy-pasted comments related to tree diff handling.
Git 1.7.3.2
{cvs,svn}import: use the new 'git read-tree --empty'
t/t9001-send-email.sh: fix stderr redirection in 'Invalid In-Reply-To'
Clarify and extend the "git diff" format documentation
git-show-ref.txt: clarify the pattern matching
documentation: git-config minor cleanups
Update test script annotate-tests.sh to handle missing/extra authors
Better advice on using topic branches for kernel development
Documentation: update implicit "--no-index" behavior in "git diff"
Documentation: expand 'git diff' SEE ALSO section
Documentation: diff can compare blobs
Documentation: gitrevisions is in section 7
fast-import: Allow filemodify to set the root
shell portability: no "export VAR=VAL"
CodingGuidelines: reword parameter expansion section
Documentation: update-index: -z applies also to --index-info
gitweb: Improve behavior for actionless path_info gitweb URLs
gitweb: Fix bug in evaluate_path_info
...
bash: simple reimplementation of _get_comp_words_by_ref
Add a minimal implementation of _get_comp_words_by_ref so
$ git show head:g <tab><tab>
on bash 4 can complete paths within the head commit without requiring
the bash_completion functions to be loaded. This is a follow-up to
the previous patch (bash: get --pretty=m<tab> completion to work with
bash v4).
Based on bash-completion 2.x (commit bf763033, 2010-10-26) but tweaked
for simplicity and to allow zsh to parse the code.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Improved-by: SZEDER Gábor <szeder@ira.uka.de>
bash: get --pretty=m<tab> completion to work with bash v4
Bash's programmable completion provides the COMP_WORDS array variable,
which holds the individual words in the current command line. In bash
versions prior to v4 "words are split on shell metacharacters as the
shell parser would separate them" (quote from bash v3.2.48's man
page). This behavior has changed with bash v4, and the command line
"is split into words as readline would split it, using COMP_WORDBREAKS
as" "the set of characters that the readline library treats as word
separators" (quote from bash v4's man page).
Since COMP_WORDBREAKS contains the characters : and = by default, this
behavior change in bash affects git's completion script. For example,
before bash 4, running
$ git log --pretty=m <tab><tab>
would give a list of pretty-printing formats starting with 'm' but now
it completes on branch names.
It would be possible to work around this by removing '=' and ':' from
COMP_WORDBREAKS, but as noticed in v1.5.6.4~9^2 (bash completion:
Resolve git show ref:path<tab> losing ref: portion, 2008-07-15), that
would break *other* completion scripts. The bash-completion library
includes a better workaround: the _get_comp_words_by_ref function
re-assembles a copy of COMP_WORDS, excluding a collection of word
separators of the caller's choice. Use it.
As a bonus, this also improves behavior when tab is pressed with the
cursor in the middle of a word.
To avoid breaking setups with the bash-completion library not already
loaded, if the _get_comp_words_by_ref function is not defined then a
shim that just reads COMP_WORDS will be used instead (no change from
the current behavior in that case).
Signed-off-by: Peter van der Does <peter@avirtualhome.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Explained-by: SZEDER Gábor <szeder@ira.uka.de>
This works like ":/regex" syntax that finds a recently created commit
starting from all refs, but limits the discovery to those reachable from
the named commit.
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
In particular, test 14 'difftool last flag wins' in t7800 fails.
This is caused by git-difftool.perl passing both GIT_DIFFTOOL_NO_PROMPT
(='true') and GIT_DIFFTOOL_PROMPT (='true') to the difftool helper
script. Despite the appropriate key being deleted from the ENV
hash, it seems that once a key has been set in the hash, it gets
passed along to the system() call. (ie deleting the key does not
do the equivalent of unsetenv()).
In order to fix the problem, we keep track of the required prompt
state while processing the arguments, and then set the relevant
ENV hash key only once at the end.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
The first (setup) test attempts to create a file, using the
test_commit function, called 'i can has snapshot?'. On cygwin
(and MinGW) this fails with a "No such file or directory" error.
In order to fix the tests, we simply remove the '?' wildcard
from the name, since the purpose of these tests is not about
creating funny filenames.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
lib-git-svn.sh: Avoid setting web server variables unnecessarily
If the SVN_HTTPD_PORT variable is not set, then we will not even
attempt to start a web server in the start_httpd function (despite
it's name), so there is no need to determine values for the
SVN_HTTPD_PATH and SVN_HTTPD_MODULE_PATH variables.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
t9142: Move call to start_httpd into the setup test
In addition to being more consistent with the other calls to
start_httpd in tests t9115-*.sh, t9118-*.sh and t9120-*.sh, this
has the added benefit of making the test less noisy. (start_httpd
writes "SVN_HTTPD_PORT is not defined!" on stderr.)
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
t3600-rm.sh: Don't pass a non-existent prereq to test #15
Commit c91cfd19 (tests: A SANITY test prereq for testing if we're
root, 2010-08-06) introduced a SANITY prerequisite which had very
similar semantics to RO_DIR. That commit removed the code to set
RO_DIR, but forgot to replace RO_DIR with SANITY in test #15.
In order not to skip test 15 unnecessarily, since RO_DIR will never
be set, we pass the SANITY prerequisite instead.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
gitweb: Fix handling of whitespace in generated links
When creating path_info part of link, don't encode space as '+', because
while $cgi->param('foo') translates '+' in query param to ' ', neither
$ENV{'PATH_INFO'} nor $cgi->path_info() do.
This fixes the issue with pathnames with embedded whitespace and
$feature{'pathinfo'} / path_info links. It is done by using newly
introduced esc_path_info() instead of esc_url() in href() subroutine.
Also while links are more clear not escaping space (' ') characters in
generated links, the trailing space must be URI-encoded, otherwise would
get discarded.
Issue noticed thanks to John 'Warthog9' Hawley.
Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* git://git.kernel.org/pub/scm/gitk/gitk:
gitk: Add Brazilian Portuguese (pt-BR) translation
gitk: Make text selectable on Mac
gitk: Prevent the text pane from becoming editable
gitk: Add the equivalent of diff --color-words
gitk: Update Swedish translation (290t)
gitk: Show notes by default (like git log does)
* maint:
Prepare for 1.7.3.4
use persistent memory for rejected paths
do not overwrite files in leading path
lstat_cache: optionally return match_len
add function check_ok_to_remove()
t7607: add leading-path tests
t7607: use test-lib functions and check MERGE_HEAD
Do not link with -lcrypto under NO_OPENSSL
An aborted merge prints the list of rejected paths as part of the
error message. Since commit f66caaf9 (do not overwrite files in
leading path), some of those paths do not have static buffers, so
we have to keep a copy. Use string_list's to accomplish this.
This changes the order of the list to the order in which the paths
are processed. Previously, it was reversed.
Signed-off-by: Clemens Buchacher <drizzd@aon.at> Signed-off-by: Junio C Hamano <gitster@pobox.com>
t7607: use test-lib functions and check MERGE_HEAD
Use the test_commit and test_path_is_missing
functions from the test library.
Also make sure that a merge which fails due to
pre-merge checks aborts properly and does not
leave MERGE_HEAD behind.
The "will not overwrite removed file" test is an
exception to this. It notices the untracked file
at a stage where the merge is already well under
way. Therefore we cannot abort the merge without
major restructuring. See the following thread for
more details.
Merge branch 'tc/http-urls-ends-with-slash' into maint
* tc/http-urls-ends-with-slash:
http-fetch: rework url handling
http-push: add trailing slash at arg-parse time, instead of later on
http-push: check path length before using it
http-push: Normalise directory names when pushing to some WebDAV servers
http-backend: use end_url_with_slash()
url: add str wrapper for end_url_with_slash()
shift end_url_with_slash() from http.[ch] to url.[ch]
t5550-http-fetch: add test for http-fetch
t5550-http-fetch: add missing '&&'
Translating a SCM is tricky due to amount of jargon, so, I tried to
keep the wording consistent with both the German and Italian git
translations and the pt-BR translation of other SCMs.
Signed-off-by: Alexandre Erwin Ittner <alexandre@ittner.com.br> Signed-off-by: Paul Mackerras <paulus@samba.org>
There are some common but minor errors we tend to make in
writing test scripts:
1. Scripts are left non-executable. This is not usually
noticed immediately because "make test" does not need
the bit, but it is a matter of git policy to make them
executable (and is a slight convenience when running
individual scripts).
2. Two scripts are allocated the same number. Usually this
happens on separate branches, and the problem only
comes about during a merge. But since there is no
textual conflict, the merger would have to be very
observant to notice.
This is also a minor error, but can make GIT_SKIP_TESTS
ambiguous.
This patch introduces a "test-lint" target which checks
both. It is not invoked by default. You can invoke it as
"make test-lint", or you can make it a prerequisite of
running the tests by specifying "TEST_LINT = test-lint" in
your config.mak or on the command line.
Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
dd is a thin wrapper around read(2). As open group Issue 7 explains:
It shall read the input one block at a time, using the specified
input block size; it shall then process the block of data
actually returned, which could be smaller than the requested
block size.
Any short read --- for example from a pipe whose capacity cannot fill
a block --- results in that block being truncated. As a result, the
first cat-blob test (9300.114) fails on Mac OS X, where the pipe
capacity is around 8 KiB.
Fix the test by using a block size of 1. Each read will block until
the next byte of input is available.
It would be even nicer to use head -c which expresses the intention
more clearly. Alas, IRIX "head" does not support the -c option.
Reported-by: Brian Gernhardt <brian@gernhardtsoftware.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
get_sha1_oneline: fix lifespan rule of temp_commit_buffer variable
This is trying to free only what we ourselves read (as opposed to what
we borrowed from commit->buffer) but do so lazily only to work around
the fact that the code has many irregular exit points, and doing it right
makes it necessary to call free() from many different places in the loop.
Rewrite the structure of the code inside the loop so that the variable
has to live within a single iteration, ever. This should make the logic
easier to follow as well.
Also we didn't free a temporary commit list we kept to hold the original
set of commits. Free it.
Noticed-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* jn/parse-options-extra:
update-index: migrate to parse-options API
setup: save prefix (original cwd relative to toplevel) in startup_info
parse-options: make resuming easier after PARSE_OPT_STOP_AT_NON_OPTION
parse-options: allow git commands to invent new option types
parse-options: never suppress arghelp if LITERAL_ARGHELP is set
parse-options: do not infer PARSE_OPT_NOARG from option type
parse-options: sanity check PARSE_OPT_NOARG flag
parse-options: move NODASH sanity checks to parse_options_check
parse-options: clearer reporting of API misuse
parse-options: Don't call parse_options_check() so much
* gb/web--browse:
web--browse: better support for chromium
web--browse: support opera, seamonkey and elinks
web--browse: split valid_tool list
web--browse: coding style
* tc/http-urls-ends-with-slash:
http-fetch: rework url handling
http-push: add trailing slash at arg-parse time, instead of later on
http-push: check path length before using it
http-push: Normalise directory names when pushing to some WebDAV servers
http-backend: use end_url_with_slash()
url: add str wrapper for end_url_with_slash()
shift end_url_with_slash() from http.[ch] to url.[ch]
t5550-http-fetch: add test for http-fetch
t5550-http-fetch: add missing '&&'
* ef/win32-dirent:
win32: use our own dirent.h
msvc: opendir: handle paths ending with a slash
win32: dirent: handle errors
msvc: opendir: do not start the search
msvc: opendir: allocate enough memory
msvc: opendir: fix malloc-failure
* jn/git-cmd-h-bypass-setup:
update-index -h: show usage even with corrupt index
merge -h: show usage even with corrupt index
ls-files -h: show usage even with corrupt index
gc -h: show usage even with broken configuration
commit/status -h: show usage even with broken configuration
checkout-index -h: show usage even in an invalid repository
branch -h: show usage even in an invalid repository
Stolen from git-gui, 23effa79f7 (original log message by
Shawn O. Pearce <spearce@spearce.org> follows):
git-gui: Force focus to the diff viewer on mouse click.
Apparently a "feature" of Tcl/Tk on Mac OS X is that a disabled text
widget cannot receive focus or receive a selection within it. This
makes the diff viewer almost useless on that platform as you cannot
select individual parts of the buffer.
Now we force focus into the diff viewer when its clicked on with
button 1. This works around the feature and allows selection to
work within the viewer just like it does on other less sane systems,
like Microsoft Windows.
Signed-off-by: Stefan Haller <stefan@haller-berlin.de> Signed-off-by: Paul Mackerras <paulus@samba.org>
gitk: Prevent the text pane from becoming editable
When setting the "Patch/Tree" radio buttons to "Tree" and
clicking on a file to display it, the text pane would
accidentally become editable (because of the early return
in getblobline).
Signed-off-by: Stefan Haller <stefan@haller-berlin.de> Signed-off-by: Paul Mackerras <paulus@samba.org>
Use the newly added 'diff --word-diff=porcelain' to teach gitk a
color-words mode, with two different modes analogous to the
--word-diff=plain and --word-diff=color settings. These are selected
by a dropdown box.
As an extra twist, automatically enable this word-diff support when
the user mentions a word-diff related option on the command line.
These options were previously ignored because they would break diff
parsing.
Both of these features are only enabled if we have a version of git
that supports --word-diff=porcelain, meaning at least 1.7.2.
Signed-off-by: Thomas Rast <trast@student.ethz.ch> Signed-off-by: Paul Mackerras <paulus@samba.org>
* mg/maint-tag-rfc1991:
tag: recognize rfc1991 signatures
tag: factor out sig detection for tag display
tag: factor out sig detection for body edits
verify-tag: factor out signature detection
t/t7004-tag: test handling of rfc1991 signatures
This gives it the same behavior as we had prior to 1d28232
(status: show branchname with a configurable color).
To do this we need the concept of a "NIL" color, which is
provided by color.[ch]. The implementation is very simple;
in particular, there are no precautions taken against code
accidentally printing the NIL. This should be fine in
practice because:
1. You can't input a NIL color in the config, so it must
come from the in-code defaults. Which means it is up
the client code to handle the NILs it defines.
2. If we do ever print a NIL, it will be obvious what the
problem is, and the bug can be fixed.
Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Move the responsibility for that gymnastics to the header file from the
files that include it. This approach makes it easier to later declare new
services that are related to threading in thread-utils.h and have them
available to all the threading code.
Commit 4091bfc (MinGW: Add missing file mode bit defines,
28-12-2009) causes the msvc build to issue many additional
(currently 1008) macro redefinition warnings. The warnings
relate to the S_IRUSR, S_IWUSR, S_IXUSR and S_IRWXU macros.
In order to fix the warnings, we simply remove the offending
macro definitions which, for both msvc and MinGW, are not
required.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Acked-by: Sebastian Schuberth <sschuberth@gmail.com> Acked-by: Johannes Sixt <j6t@kdbg.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
msvc: Fix build by adding missing INTMAX_MAX define
Commit c03c831 (do not depend on signed integer overflow,
05-10-2010) provokes an msvc build failure. The cause of the
failure is a missing definition of the INTMAX_MAX constant,
used in the new maximum_signed_value_of_type(a) macro, which
would normally be defined in the C99 <stdint.h> header file.
In order the fix the compilation error, we add an appropriate
definition of the INTMAX_MAX constant, along with INTMAX_MIN
and UINTMAX_MAX, to an msvc compat header file.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Acked-by: Erik Faye-Lund <kusmabite@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
get_sha1: teach ":$n:<path>" the same relative path logic
We taught the object name parser to take ":./<path>", ":../<path>", etc.
and understand them to be relative to the current working directory.
Given that ":<path>" is just a short-hand for ":0:<path>" (i.e. "take
stage #0 of that path"), we should allow ":$n:<path>" to interpret them
the same way.
t9143: do not fail when unhandled.log.gz is not created
Do not depend on internal implementation details of svn,
which right now uses perl to create a .gz file.
So this test case will even work in the future,
when svn changes its implementation.
Signed-off-by: Torsten Bögershausen <tboegi@web.de> Acked-by: Eric Wong <normalperson@yhbt.net>
describe: Delay looking up commits until searching for an inexact match
Now that struct commit.util is not used until after we've checked that
the argument doesn't exactly match a tag, we can wait until then to
look up the commits for each tag.
This avoids a lot of I/O on --exact-match queries in repositories with
many tags. For example, 'git describe --exact-match HEAD' becomes
about 12 times faster on a cold cache (3.2s instead of 39s) in a
linux-2.6 repository with 2000 packed tags. That is a huge win for the
interactivity of the __git_ps1 shell prompt helper when on a detached
HEAD.
Signed-off-by: Anders Kaseorg <andersk@ksplice.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
describe: Store commit_names in a hash table by commit SHA1
describe is currently forced to look up the commit at each tag in
order to store the struct commit_name pointers in struct commit.util.
For --exact-match queries, those lookups are wasteful. In preparation
for removing them, put the commit_names into a hash table, indexed by
commit SHA1, that can be used to quickly check for exact matches.
Signed-off-by: Anders Kaseorg <andersk@ksplice.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
describe: Do not use a flex array in struct commit_name
Now add_to_known_names overwrites commit_names in place when multiple
tags point to the same commit. This will make it easier to store
commit_names in a hash table.
Signed-off-by: Anders Kaseorg <andersk@ksplice.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Don't waste time checking for dangling refs; they wouldn't affect the
output of 'git describe' anyway. Although this does not gain much
performance by itself, it does in conjunction with the next commits.
Signed-off-by: Anders Kaseorg <andersk@ksplice.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
The msvc linker complains about external symbols referenced by
the new poll() emulation code. In particular, it complains about
the DispatchMessage(), PeekMessage(), TranslateMessage() and
MsgWaitForMultipleObjects() functions.
In order to satisfy the external references, we link against the
user32.lib library.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Acked-by: Erik Faye-Lund <kusmabite@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
msvc: Fix compilation errors in compat/win32/sys/poll.c
The msvc winsock2.h header file conditionally defines or declares
poll() related symbols which cause many macro redefinition errors,
a struct type redefinition error and syntax errors. These symbols
are defined in support of the WSAPoll() API, new in Windows Vista,
when the symbol _WIN32_WINNT is defined and _WIN32_WINNT >= 0x0600.
In order to avoid the compilation errors, we set _WIN32_WINNT to
0x0502 (which would target Windows Server 2003) prior to including
the winsock2.h header file.
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk> Acked-by: Erik Faye-Lund <kusmabite@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
contrib/hooks/post-receive-email: fix return values from prep_for_email
The function was returning 0 for failure and 1 for success which was
breaking the logic in the main loop. It now also returns in all
cases, rather than exiting.
Signed-off-by: Alan Raison <alan@theraisons.me.uk> Acked-by: Kevin P. Fleming <kpfleming@digium.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Running test t9010 without svn currently errors out for no good reason.
The test uses "svnadmin" without checking if svn is available. This was a
regression introduced by b0ad24b (t9010 (svn-fe): Eliminate dependency on
svn perl bindings, 2010-10-10) when it stopped including ./lib-git-svn.sh
that had the safety.