DirCacheCheckout and CanonicalTreeParser cooperate. CanonicalTreeParser
can detect malformed, potentially malicious tree entries and sets a
flag, while DirCacheCheckout refuses to work with such paths.
Malicious tree entries are ".", "..", ".git" (case insensitive), any
name containing '/' and (on Windows '\') and also (on Windows)
any paths ending in a combination of '.' or space or containing a ':'.
We also forbid all special names like "con" etc on Windows.
Some of the test can execute on any platform by enabling partial
platform emulation.
A new runtime exception, InvalidPathException, is introduced. For
backwards compatibility it extends InvalidArgumentException.
Change-Id: I86199105814b63d4340e5de0e471d0da6b579ead
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Allow adding files with size over 2 GB. The drawback is that the tests
for huge file support adds roughly 10 minutes of execution time.
For that reason we @Ignore the test in the standard test execution.
Change-Id: I5788e8009899203b346f353297166825b3744575
When there is a conflict sometimes we did not set the stage of
the conflict entries properly for the STAGE_1 entry.
Change-Id: I1c28ff6251fdbc95f7c40fc3e401f1b41157a9f6
The size shoould be passed to BufferedOutputStream's constructor.
All callers seem to use the default, but that could change.
Change-Id: I874afee6a9114698805e36813781547e6aa328a5
Tags can be un-annotated whereby there is no RevTag object, only
a ref pointing to the tagged object.
Bug: 360650
Change-Id: I06309c45c0a896fe2a0a874700febf78c9fb87e8
A DirCache was not unlocked if an exception occurred in the
DirCacheCheckout constructor.
Bug: 365449
Change-Id: I231d902d52e3e5e9a7748eedaa63a2bb889ebb13
Signed-off-by: Jens Baumgart <jens.baumgart@sap.com>
Instead of indexing the subsection names on each request for a given
section name, index both the section and subsection names in a single
scan through the entry list. This should improve lookup time for
reading the section names out of the configuration, especially for the
url.*.insteadof type of processing performed in RemoteConfig.
Change-Id: I7b3269565b1308f69d20dc3f3fe917aea00f8a73
Java NIO has some problems (like files closing unexpectedly because the
thread was interrupted). To avoid those problems, don't use a NIO
channel to determine the size of a file, but rather ask the File itself.
We have to be prepared to handle wrong/outdated information in this case
too, as the inode of the File may change between opening and determining
file size.
Change-Id: Ic7aa6c3337480879efcce4a3058b548cd0e2cef0
Iterate over all successfully cloned submodules recursively
and continue initializing and updating until no more are found.
Bug: 375426
Change-Id: Ifb99e41e2deb0c369442bca3c0f5f072dd006816
If project.init() isn't called GitCloneTaskTest fails when started from
Eclipse, according to [1] calling init() is necessary to properly
initialize the Ant project programmatically.
Always set the destination folder in order to ensure that all test
resources are created under the project's target folder and do not
pollute the project's source tree with test data.
[1]
http://ant.1045680.n5.nabble.com/project-createTask-not-working-with-ant-1-8-2-td3385716.html
Change-Id: Icbeb62680b018a92673faa58828b5e850564c7a8
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Parsing the size from a packed object header was incorrectly computing
the total inflated length when the length exceeded the range of a Java
int. The next 7 bits of size information was shifted left as an int
using a shift of 25 bits, placing the higher bits of the size into the
sign position. When this size was extended to a long to be added to
the current size accumulator the size went negative, resulting in
NegativeArraySizeException being thrown.
Fix all places where this particular pattern of code is used to read a
pack size field, or a binary delta header, as they both use the same
variable length encoding scheme.
Change-Id: I04008728ed828f18202652c3d5401cf95a441d0a
Decrease running time for getStringList (and all other get methods) by
looking for configuration entries using binary search rather than
linear search through the configuration file.
Configuration lines are sorted by section, subsection, name in a
sorted list whenever the snapshot is rebuilt. Binary search is used to
locate an index in the middle of the values, then walk backwards to
find the first value in the range.
Given a configuration of file of 5000 distinct section/subsection/name
triplets (e.g. a Gerrit Code Review project.config configuration file
with 5000 unique access control rules), this new code is faster to
lookup each rule individually using getStringList():
old setStringList() 194 usec avg
getStringList() 196 usec avg
new setStringList() 188 usec avg
getStringList() 24 usec avg
Change-Id: Ic8907231868c18eb946b72f341a6b58666b70324
The Config class is getting very large. Extract two of its inner
classes into new top level types to reduce the size of Config.
Rename them slightly in the process.
Change-Id: I693148a5ae2977378789bf455c880a6fd856c0f0
Content length is computed and cached (short term) in the working
tree iterator when core.autocrlf is set.
Hopefully this is a cleaner fix than my previous attempt to make
autocrlf work.
Change-Id: I1b6bbb643101a00db94e5514b5e2b069f338907a
Implementations may want to send an error message to the user, which
doesn't really fit with any of the existing exception types.
ServiceMayNotContinueException, on the other hand, is documented as
always containing a user-visible error string, so use that.
Modify the git and HTTP transport mechanisms to properly relay this
message to the end user.
Change-Id: I362e67ea46102a145bf2c6284d38788537c9735f
This reverts commit bf845c126d since this
change needs to go through a formal IP review and Chris missed to file a
CQ for that.
Change-Id: I303515d78116f0591a2911dbfb9f857738f086a9
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This extracts the logic for writing to the reflog from
RefDirectory into a new ReflogWriter class. This class
creates a public API for writing reflog entries similar
to ReflogReader for reading reflog entries.
The new command supports rewriting the stash's log to remove
a configured entry followed by updating the stash ref to
the value at the bottom of the newly written log.
Change-Id: Icfcbc70e838666769a742a94196eb8dc9c7efcc7
Signed-off-by: Chris Aniszczyk <zx@twitter.com>
Check for a '#' character in each line read and
parse the leading characters as the class name of
a TransportProtocol being registered via SPI.
Bug: 373439
Change-Id: If36cb62c07ecea78ba0f326a87edf1d80b7b42b6
Signed-off-by: Chris Aniszczyk <zx@twitter.com>
This allows repositoryies with a missing repositoryformatversion
config value to be successfully opened but still throws exceptions
when the value is a non-long or greater than zero.
git-core attempts to parse this config value as a long as well
and defaults to 0 if the value is missing.
Bug: 368697
Change-Id: I4a93117afca37e591e8e0ab4d2f2eef4273f0cc9
Signed-off-by: Chris Aniszczyk <zx@twitter.com>
Previously only certain values were copied over which caused
divergence in behavior between the JGit command and corresponding
CGit command.
Bug: 372051
Change-Id: I72a83215a679a713138da31f5ab838f14388d4bd
Signed-off-by: Chris Aniszczyk <zx@twitter.com>
Recently Robin tried to increase the size of the buffer used by
ObjectInserter to fix a bug in the InputStream that handles AutoCRLF.
The purpose of this buffer is NOT to make a random InputStream work
correctly by passing it a larger buffer during read(byte[],int,int).
Clarify the Javadoc on the buffer() method to reduce the risk
someone tries to abuse it again.
While we are here, modify the method to load the field into a local
variable before returning. This should cut down 1 field load during
the common case of the buffer being already allocated.
Change-Id: Ic6898530d10fcd7e59f90397117a4a0d97e1f031
Signed-off-by: Chris Aniszczyk <zx@twitter.com>
This was likely intended originally, but this class had never been
used, so the mistake went unnoticed.
Change-Id: I5e0e9f22ebf707c11d0581511c7a56b182188f77
This reverts commit 88fe2836ed.
Auto CRLF isn't special enough to be screwing around with the buffers
used for raw byte processing of the ObjectInserter API. If it needs a
buffer to process a file that is bigger than the buffer allocated by
an ObjectInserter, it needs to do its own buffer management.
Change-Id: Ida4aaa80d0f9f78035f3d2a9ebdde904c980f89a
Previously a DirCacheCheckout was done using a merge tree reflecting
the state of the repository when the stash was originally done.
This was wrong since unstashing after making subsequent commits
would undo changes already committed by checking out entries from
an outdated tree.
The new approach is to scan for conflicts initially using a 6-way
tree walk that contains the trees for the stashed HEAD, stashed
index, stashed working directory, current HEAD, current index, and
current working directory. Then perform a subsequent scan of the
stashed HEAD, index, and working directory trees and apply all
the stashed differences to the current index and working directory.
Bug: 372882
Change-Id: Ica65f162132c00a16964e838de66fc8b5cd0b0aa
Signed-off-by: Chris Aniszczyk <zx@twitter.com>
When fetching over smart HTTP the InputStream that gets fed into
a PackParser doesn't really support EOF at the end of the pack. It
instead tries to make a new HTTP request, which fails because there
is no request body currently buffered by the client.
Make EOF work correctly on the end of an HTTP derived InputStream
for the pack by denoting no more requests are expected as the higher
level code is now consuming the pack (or side-band embedded pack).
Smart HTTP support doesn't automatically enqueue execute support onto
the end of the UnionInputStream, which allows the UnionInputStream
to correctly reflect EOF when the HTTP response is consumed.
Change-Id: I975f1ab1c81ab1c1af925716970088bc7b8d6b1a