The `git_buf` structure seems to be too complicated to correctly
grasp for Coverity. As such, add simpler models trying to guide
Coverity and remove false positives related to these functions.
The static analysis engine coverity allows for user models
overriding how it treats functions when analyzing code. Like
this, one can greatly reduce the rate of false positives and thus
make it easier to spot actual errors.
Add a user model that overrides function models for `git_buf_len`
and `git_vector_insert`, which together amount for a majority of
false positives.
It takes a bit for the propxy to get ready to accept connections, so
start it before the build so we can be reasonably sure that it's going
to be ready in time.
Curl by default does not report errors by setting the error code.
As the upload can fail through several conditions (e.g. the rate
limit, leading to unauthorized access) we should indicate this
information in Travis CI.
To improve upon the behavior, use `--write-out=%{http_code}` to
write out the HTTP code in addition to the received body and
return an error if the code does not equal 201.
We were missing this test on Windows, which meant we didn't notice that
we never fixed the single authentication attempt it tries, nor its wrong
return code.
Enable this for the unix platforms as well over HTTP. We previously were
doing it locally but disabled it on OS X due to issues with its sshd not
accepting password authentication.
We commonly have to check if a git_buf has been allocated
correctly or if we ran out of memory. Introduce a new macro
similar to `GITERR_CHECK_ALLOC` which checks if we ran OOM and if
so returns an error. Provide a `#nodef` for Coverity to mark the
error case as an abort path.
Coverity does not comprehend the connection between a vector's
size and the contents pointer, that is that the vector's pointer
is non-NULL when its size is positive. As the vector code should
be reasonably well tested and users are expected to not manually
modify a vector's contents it seems save to assume that the
macros will never dereference a NULL pointer.
Fix Coverity warnings by overriding the foreach macros with
macros that explicitly aborting when (v)->contents is NULL.
When checking if a string is prefixed by a drive letter (e.g.
"C:") we verify this by inspecting the first and second character
of the string. Coverity thinks this is a defect as we do not
check the string's length first, but in fact we only check the
second character if the first character is part of the alphabet,
that is it cannot be '\0'.
Fix this by overriding the macro and explicitly checking the
string's length.
Add nodefs for macros that abort the current flow due to errors.
This includes macros that trigger on integer overflows and for
the version check macro. This aids Coverity as we point out that
these paths will cause a fatal error.
When posting our instrumented build results to Coverity we have
to include sensitive information, in particular our authorization
token. Currently we use an unencrypted channel to post this
information, leading to the token being transferred in plain.
Fix this by using a secured connection instead.
Coverity currently lists a lot of errors with regard to
GITERR_CHECK_ALLOC causing resource leaks. We know this macro is
only invoked when we want to abort because we are out of memory.
Coverity allows for overriding the default model where we know
that certain functions guarantee a desired behavior. The
user_nodefs.h is used to override the behavior of macros.
Re-define GITERR_CHECK_ALLOC inside of it to specify its abort
nature.
These tests were not being taken into consideration for the failure of
the test. They've been failing for a while now, but we hadn't noticed as
Travis was reporting the builds successful.
use MSYS makefiles generator
add bash script for running mingw on appveyor
add --login and fix run paths
use msys style path to appveyor-mingw.sh
add mingw path to /etc/fstab
git allows you to set which paths to use for the git server programs
when connecting over ssh; and we want to provide something similar.
We do this by providing a factory function which can be set as the
remote's transport callback which will set the given paths upon
creation.
Our ssh tests assume that the server supports password authentication
in a few places. This is convenient as we're not testing authentication
methods, but what happens around them.
Tell sshd on OSX to accept this form of authentication.
An empty string is not a valid number, and some shells complain.
Check instead if $COVERITY is non-empty, which is a common convention
and what we're doing anyway.
When implementing the ssh testing, the move to the script made it so
the first test suite's exit code was ignored. Check whether the main
tests fail and exit with an error in that case.
