Augie Fackler <augie@google.com> [Fri, 15 Jun 2018 10:14:32 -0400] rev 37876
tests: replace `echo -n` with `printf` per check-code
Differential Revision: https://phab.mercurial-scm.org/D3749
Jun Wu <quark@fb.com> [Thu, 14 Jun 2018 14:04:26 -0700] rev 37875
crecord: fix line number in hunk header (issue5917)
`@@ -1,1 +-1,0 @@` is not a valid patch hunk header.
Change it to `@@ -1,1 +0,0 @@`.
Differential Revision: https://phab.mercurial-scm.org/D3737
Josef 'Jeff' Sipek <jeffpc@josefsipek.net> [Wed, 13 Jun 2018 10:41:20 -0400] rev 37874
lazymanifest: don't crash when out of memory (issue5916)
self->lines can be NULL if we failed to allocate memory for it.
Josef 'Jeff' Sipek <jeffpc@josefsipek.net> [Wed, 13 Jun 2018 10:37:39 -0400] rev 37873
cext: stop worrying and love the free(NULL)
There is no need to check for a NULL pointer before calling free since
free(NULL) is defined by C standards as a no-op. Lots of software relies on
this behavior so it is completely safe to call even on the most obscure of
systems.
Augie Fackler <augie@google.com> [Sun, 20 May 2018 23:05:18 -0400] rev 37872
tests: fix test-patch.t on pickier /bin/sh implementations
This is a graft of 0b39edeff033 and f44306940c94 from default because
I'm tired of seeing the FreeBSD build be red on stable. See those
revisions for details on what's going on here.
Jun Wu <quark@fb.com> [Wed, 06 Jun 2018 12:53:26 -0700] rev 37871
chg: fix an undefined behavior about memcpy
Spot by Wez Furlong. `memcpy(x, NULL, 0)` is undefined according to [1].
[1]: https://stackoverflow.com/questions/5243012
Differential Revision: https://phab.mercurial-scm.org/D3698
Augie Fackler <raf@durin42.com> [Wed, 06 Jun 2018 13:28:49 -0400] rev 37870
Added signature for changeset 9c5ced5276d6
Augie Fackler <raf@durin42.com> [Wed, 06 Jun 2018 13:28:48 -0400] rev 37869
Added tag 4.6.1 for changeset 9c5ced5276d6
Augie Fackler <augie@google.com> [Mon, 30 Apr 2018 22:24:58 -0400] rev 37868
mpatch: avoid integer overflow in combine() (SEC)
All the callers of this function can handle a NULL return, so that
appears to be the "safe" way to report an error.
Augie Fackler <augie@google.com> [Mon, 30 Apr 2018 22:23:06 -0400] rev 37867
mpatch: avoid integer overflow in mpatch_decode (SEC)
Augie Fackler <augie@google.com> [Mon, 30 Apr 2018 22:20:13 -0400] rev 37866
mpatch: fix UB integer overflows in discard() (SEC)
Augie Fackler <augie@google.com> [Mon, 30 Apr 2018 22:15:11 -0400] rev 37865
mpatch: fix UB in int overflows in gather() (SEC)
Augie Fackler <augie@google.com> [Thu, 03 May 2018 12:54:20 -0400] rev 37864
mpatch: introduce a safesub() helper as well
Same reason as safeadd().
Augie Fackler <augie@google.com> [Mon, 30 Apr 2018 22:13:42 -0400] rev 37863
mpatch: introduce a safeadd() helper to work around UB int overflow
We're about to make extensive use of this. This change duplicates some
stdbool.h portability hacks from cext/util.h. We should probably clean
that up in the future, but we'll skip that for now in order to make
security backports easier.
Augie Fackler <augie@google.com> [Sat, 28 Apr 2018 10:09:12 -0400] rev 37862
mpatch: ensure fragment start isn't past the end of orig (SEC)
Caught by oss-fuzz fuzzer during development.
This defect is OVE-20180430-0004. A CVE has not been obtained as of
this writing.