<feed xmlns='http://www.w3.org/2005/Atom'>
<title>delta/libgit2.git/tests/checkout, branch ethomson/codespaces</title>
<subtitle>github.com: libgit2/libgit2.git
</subtitle>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/'/>
<entry>
<title>str: introduce `git_str` for internal, `git_buf` is external</title>
<updated>2021-10-17T13:49:01+00:00</updated>
<author>
<name>Edward Thomson</name>
<email>ethomson@edwardthomson.com</email>
</author>
<published>2021-09-07T21:53:49+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=f0e693b18afbe1de37d7da5b5a8967b6c87d8e53'/>
<id>f0e693b18afbe1de37d7da5b5a8967b6c87d8e53</id>
<content type='text'>
libgit2 has two distinct requirements that were previously solved by
`git_buf`.  We require:

1. A general purpose string class that provides a number of utility APIs
   for manipulating data (eg, concatenating, truncating, etc).
2. A structure that we can use to return strings to callers that they
   can take ownership of.

By using a single class (`git_buf`) for both of these purposes, we have
confused the API to the point that refactorings are difficult and
reasoning about correctness is also difficult.

Move the utility class `git_buf` to be called `git_str`: this represents
its general purpose, as an internal string buffer class.  The name also
is an homage to Junio Hamano ("gitstr").

The public API remains `git_buf`, and has a much smaller footprint.  It
is generally only used as an "out" param with strict requirements that
follow the documentation.  (Exceptions exist for some legacy APIs to
avoid breaking callers unnecessarily.)

Utility functions exist to convert a user-specified `git_buf` to a
`git_str` so that we can call internal functions, then converting it
back again.
</content>
</entry>
<entry>
<title>implement GIT_CHECKOUT_DRY_RUN to allow notifications without touching the working directory</title>
<updated>2021-04-14T20:05:47+00:00</updated>
<author>
<name>Jochen Hunz</name>
<email>j.hunz@anchorpoint.app</email>
</author>
<published>2021-04-14T20:05:47+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=958205a33d9e9d078f41a9a3ac04dc7c657840c7'/>
<id>958205a33d9e9d078f41a9a3ac04dc7c657840c7</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>Make the tests pass cleanly with MemorySanitizer</title>
<updated>2020-06-30T13:25:10+00:00</updated>
<author>
<name>lhchavez</name>
<email>lhchavez@lhchavez.com</email>
</author>
<published>2020-06-27T19:33:32+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=3a197ea7ead1bc1b018eb809e92f418a00e5c3f8'/>
<id>3a197ea7ead1bc1b018eb809e92f418a00e5c3f8</id>
<content type='text'>
This change:

* Initializes a few variables that were being read before being
  initialized.
* Includes https://github.com/madler/zlib/pull/393. As such,
  it only works reliably with `-DUSE_BUNDLED_ZLIB=ON`.
</content>
</entry>
<entry>
<title>clar: include the function name</title>
<updated>2020-06-05T07:49:07+00:00</updated>
<author>
<name>Edward Thomson</name>
<email>ethomson@edwardthomson.com</email>
</author>
<published>2020-06-05T07:42:38+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=cad7a1bad40c302fef02306708f6ce6279680cb4'/>
<id>cad7a1bad40c302fef02306708f6ce6279680cb4</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>checkout::index: free the index</title>
<updated>2020-05-23T08:35:53+00:00</updated>
<author>
<name>Edward Thomson</name>
<email>ethomson@edwardthomson.com</email>
</author>
<published>2020-05-23T08:35:53+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=f88e12dbe3982ce9364754198d4cdea79ff575ae'/>
<id>f88e12dbe3982ce9364754198d4cdea79ff575ae</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>tests: checkout: fix stylistic issues and static variable</title>
<updated>2020-05-16T12:02:42+00:00</updated>
<author>
<name>Patrick Steinhardt</name>
<email>ps@pks.im</email>
</author>
<published>2020-05-16T12:00:11+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=915f88609a6685fbad1f5ad6fa7a5bb320f03138'/>
<id>915f88609a6685fbad1f5ad6fa7a5bb320f03138</id>
<content type='text'>
The test case checkout::index::can_disable_pathspec_match has some
shortcomings when it comes to coding style, which didn't fit our own
coding style. Furthermore, it had an unnecessary static local variable.

The test has been refactored to address these issues.
</content>
</entry>
<entry>
<title>checkout: Fix removing untracked files by path in subdirectories</title>
<updated>2020-05-10T23:15:06+00:00</updated>
<author>
<name>Segev Finer</name>
<email>segev@codeocean.com</email>
</author>
<published>2019-06-03T15:35:08+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=d62e44cb8218840a0291fb5fbb7c5106e1e35a12'/>
<id>d62e44cb8218840a0291fb5fbb7c5106e1e35a12</id>
<content type='text'>
The checkout code didn't iterate into a subdir if it didn't match the
pathspec, but since the pathspec might match files in the subdir we
should recurse into it (in contrast to gitignore handling).

Fixes #5089
</content>
</entry>
<entry>
<title>tests::checkout: only examine test10 and test11.txt</title>
<updated>2020-05-10T22:47:20+00:00</updated>
<author>
<name>Edward Thomson</name>
<email>ethomson@edwardthomson.com</email>
</author>
<published>2020-02-02T18:01:15+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=8731e1f4a10a29fe819e3d3011077737e3c7df43'/>
<id>8731e1f4a10a29fe819e3d3011077737e3c7df43</id>
<content type='text'>
The checkout::index::can_disable_pathspec_match test attempts to set a
path filter of `test11.txt` and `test12.txt`, but then validates that
`test10.txt` and `test11.txt` were left unmodified.  Update the test's
path filter to match the expectation.
</content>
</entry>
<entry>
<title>Create test case demonstrating checkout bug w/ pathspec match disabled</title>
<updated>2020-05-10T22:47:20+00:00</updated>
<author>
<name>Felix Lapalme</name>
<email>lapfelix@users.noreply.github.com</email>
</author>
<published>2020-02-02T06:00:15+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=24bd12c4f91f841b70bd65252aa25b221bf63eb5'/>
<id>24bd12c4f91f841b70bd65252aa25b221bf63eb5</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>Disallow NTFS Alternate Data Stream attacks, even on Linux/macOS</title>
<updated>2019-12-10T08:01:06+00:00</updated>
<author>
<name>Johannes Schindelin</name>
<email>johannes.schindelin@gmx.de</email>
</author>
<published>2019-09-18T12:32:05+00:00</published>
<link rel='alternate' type='text/html' href='http://91.123.203.49/cgit/delta/libgit2.git/commit/?id=3f7851eadca36a99627ad78cbe56a40d3776ed01'/>
<id>3f7851eadca36a99627ad78cbe56a40d3776ed01</id>
<content type='text'>
A little-known feature of NTFS is that it offers to store metadata in
so-called "Alternate Data Streams" (inspired by Apple's "resource
forks") that are copied together with the file they are associated with.
These Alternate Data Streams can be accessed via `&lt;file name&gt;:&lt;stream
name&gt;:&lt;stream type&gt;`.

Directories, too, have Alternate Data Streams, and they even have a
default stream type `$INDEX_ALLOCATION`. Which means that `abc/` and
`abc::$INDEX_ALLOCATION/` are actually equivalent.

This is of course another attack vector on the Git directory that we
definitely want to prevent.

On Windows, we already do this incidentally, by disallowing colons in
file/directory names.

While it looks as if files'/directories' Alternate Data Streams are not
accessible in the Windows Subsystem for Linux, and neither via
CIFS/SMB-mounted network shares in Linux, it _is_ possible to access
them on SMB-mounted network shares on macOS.

Therefore, let's go the extra mile and prevent this particular attack
_everywhere_. To keep things simple, let's just disallow *any* Alternate
Data Stream of `.git`.

This is libgit2's variant of CVE-2019-1352.

Signed-off-by: Johannes Schindelin &lt;johannes.schindelin@gmx.de&gt;
</content>
</entry>
</feed>
