Patch for CVE-2016-2324

 Obtained via Debian Security Tracker
 https://security-tracker.debian.org/tracker/CVE-2016-2324
 https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
Bump pkgrev

12 files changed, 512 insertions, 2 deletions

diff --git a/devel/git-base/Makefile b/devel/git-base/Makefile
index 3c87beb40bd..969ab743775 100644
--- a/devel/git-base/Makefile
+++ b/devel/git-base/Makefile
@@ -1,5 +1,6 @@
-# $NetBSD: Makefile,v 1.22 2016/03/12 11:33:32 adam Exp $
+# $NetBSD: Makefile,v 1.23 2016/03/16 19:38:52 sevan Exp $
 
+PKGREVISION=	1
 .include "../../devel/git/Makefile.common"
 
 PKGNAME=	git-base-${GIT_VERSION}
diff --git a/devel/git-base/distinfo b/devel/git-base/distinfo
index 3eccff1bd42..9e437e298a9 100644
--- a/devel/git-base/distinfo
+++ b/devel/git-base/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.45 2016/03/12 11:33:32 adam Exp $
+$NetBSD: distinfo,v 1.46 2016/03/16 19:38:52 sevan Exp $
 
 SHA1 (git-2.7.3.tar.xz) = d7be9af73cc56c606e0744beb0091b612b416909
 RMD160 (git-2.7.3.tar.xz) = 5111811158362bbc6d4e0a97ec8df8e56c1bd674
@@ -11,5 +11,15 @@ SHA1 (patch-af) = 06460f220b4703a1ff98809006ec1aed5017bb23
 SHA1 (patch-ag) = 4f0b9a5745203ea7ef369c8272b3ea7c644762f0
 SHA1 (patch-ah) = f22a2160631fb624e9e20616c68ad1a4aa2bebc7
 SHA1 (patch-ai) = 56b63d4790a11f5eb128186ad5efdd1bcf102f2e
+SHA1 (patch-builtin_pack-objects.c) = 8038e9fca76f465c87d6e4265cb657965fca5fee
+SHA1 (patch-builtin_rev-list.c) = 52605a6e05e62e45a161e09dba5cf0ae448d642c
 SHA1 (patch-config.mak.uname) = 5316873147acf5b6ef29e426946280bb6441c886
+SHA1 (patch-http-push.c) = ff931b9043ca8ddedc336d27efe8102e5372b66a
+SHA1 (patch-list-objects.c) = 0250fb74b635d27694dc8e7c99f48a0ba1f23ab7
+SHA1 (patch-list-objects.h) = e341343431e6b64bb6bf4463d632f50107110f37
+SHA1 (patch-pack-bitmap-write.c) = 31492718f3812a9229d33ebe4b8bfcebce0e5805
+SHA1 (patch-pack-bitmap.c) = 76c23b6b328a6b113b58ef026231623d73d1f088
+SHA1 (patch-reachable.c) = b58b59073662b74bbae02f83a5e05c29dee76185
+SHA1 (patch-revision.c) = d9b372b3930578817f5517cc76639fce832a0c58
+SHA1 (patch-revision.h) = 3258d405f6d2d3e5103d1e34cbcefec3da767298
 SHA1 (patch-wrapper.c) = 1fb629ec301d0431cb5bebd716b1c3a7ae45577f
diff --git a/devel/git-base/patches/patch-builtin_pack-objects.c b/devel/git-base/patches/patch-builtin_pack-objects.c
new file mode 100644
index 00000000000..184b0587f5d
--- /dev/null
+++ b/devel/git-base/patches/patch-builtin_pack-objects.c
@@ -0,0 +1,41 @@
+$NetBSD: patch-builtin_pack-objects.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- builtin/pack-objects.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ builtin/pack-objects.c
+@@ -2285,21 +2285,11 @@ static void show_commit(struct commit *c
+ 		index_commit_for_bitmap(commit);
+ }
+ 
+-static void show_object(struct object *obj,
+-			const struct name_path *path, const char *last,
+-			void *data)
++static void show_object(struct object *obj, const char *name, void *data)
+ {
+-	char *name = path_name(path, last);
+-
+ 	add_preferred_base_object(name);
+ 	add_object_entry(obj->oid.hash, obj->type, name, 0);
+ 	obj->flags |= OBJECT_ADDED;
+-
+-	/*
+-	 * We will have generated the hash from the name,
+-	 * but not saved a pointer to it - we can free it
+-	 */
+-	free((char *)name);
+ }
+ 
+ static void show_edge(struct commit *commit)
+@@ -2481,8 +2471,7 @@ static int get_object_list_from_bitmap(s
+ }
+ 
+ static void record_recent_object(struct object *obj,
+-				 const struct name_path *path,
+-				 const char *last,
++				 const char *name,
+ 				 void *data)
+ {
+ 	sha1_array_append(&recent_objects, obj->oid.hash);
diff --git a/devel/git-base/patches/patch-builtin_rev-list.c b/devel/git-base/patches/patch-builtin_rev-list.c
new file mode 100644
index 00000000000..7d81551c85f
--- /dev/null
+++ b/devel/git-base/patches/patch-builtin_rev-list.c
@@ -0,0 +1,38 @@
+$NetBSD: patch-builtin_rev-list.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- builtin/rev-list.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ builtin/rev-list.c
+@@ -177,9 +177,7 @@ static void finish_commit(struct commit 
+ 	free_commit_buffer(commit);
+ }
+ 
+-static void finish_object(struct object *obj,
+-			  const struct name_path *path, const char *name,
+-			  void *cb_data)
++static void finish_object(struct object *obj, const char *name, void *cb_data)
+ {
+ 	struct rev_list_info *info = cb_data;
+ 	if (obj->type == OBJ_BLOB && !has_object_file(&obj->oid))
+@@ -188,15 +186,13 @@ static void finish_object(struct object 
+ 		parse_object(obj->oid.hash);
+ }
+ 
+-static void show_object(struct object *obj,
+-			const struct name_path *path, const char *component,
+-			void *cb_data)
++static void show_object(struct object *obj, const char *name, void *cb_data)
+ {
+ 	struct rev_list_info *info = cb_data;
+-	finish_object(obj, path, component, cb_data);
++	finish_object(obj, name, cb_data);
+ 	if (info->flags & REV_LIST_QUIET)
+ 		return;
+-	show_object_with_name(stdout, obj, path, component);
++	show_object_with_name(stdout, obj, name);
+ }
+ 
+ static void show_edge(struct commit *commit)
diff --git a/devel/git-base/patches/patch-http-push.c b/devel/git-base/patches/patch-http-push.c
new file mode 100644
index 00000000000..cafd6d91920
--- /dev/null
+++ b/devel/git-base/patches/patch-http-push.c
@@ -0,0 +1,82 @@
+$NetBSD: patch-http-push.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- http-push.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ http-push.c
+@@ -1277,9 +1277,7 @@ static struct object_list **add_one_obje
+ }
+ 
+ static struct object_list **process_blob(struct blob *blob,
+-					 struct object_list **p,
+-					 struct name_path *path,
+-					 const char *name)
++					 struct object_list **p)
+ {
+ 	struct object *obj = &blob->object;
+ 
+@@ -1293,14 +1291,11 @@ static struct object_list **process_blob
+ }
+ 
+ static struct object_list **process_tree(struct tree *tree,
+-					 struct object_list **p,
+-					 struct name_path *path,
+-					 const char *name)
++					 struct object_list **p)
+ {
+ 	struct object *obj = &tree->object;
+ 	struct tree_desc desc;
+ 	struct name_entry entry;
+-	struct name_path me;
+ 
+ 	obj->flags |= LOCAL;
+ 
+@@ -1310,21 +1305,17 @@ static struct object_list **process_tree
+ 		die("bad tree object %s", oid_to_hex(&obj->oid));
+ 
+ 	obj->flags |= SEEN;
+-	name = xstrdup(name);
+ 	p = add_one_object(obj, p);
+-	me.up = path;
+-	me.elem = name;
+-	me.elem_len = strlen(name);
+ 
+ 	init_tree_desc(&desc, tree->buffer, tree->size);
+ 
+ 	while (tree_entry(&desc, &entry))
+ 		switch (object_type(entry.mode)) {
+ 		case OBJ_TREE:
+-			p = process_tree(lookup_tree(entry.sha1), p, &me, name);
++			p = process_tree(lookup_tree(entry.sha1), p);
+ 			break;
+ 		case OBJ_BLOB:
+-			p = process_blob(lookup_blob(entry.sha1), p, &me, name);
++			p = process_blob(lookup_blob(entry.sha1), p);
+ 			break;
+ 		default:
+ 			/* Subproject commit - not in this repository */
+@@ -1343,7 +1334,7 @@ static int get_delta(struct rev_info *re
+ 	int count = 0;
+ 
+ 	while ((commit = get_revision(revs)) != NULL) {
+-		p = process_tree(commit->tree, p, NULL, "");
++		p = process_tree(commit->tree, p);
+ 		commit->object.flags |= LOCAL;
+ 		if (!(commit->object.flags & UNINTERESTING))
+ 			count += add_send_request(&commit->object, lock);
+@@ -1362,11 +1353,11 @@ static int get_delta(struct rev_info *re
+ 			continue;
+ 		}
+ 		if (obj->type == OBJ_TREE) {
+-			p = process_tree((struct tree *)obj, p, NULL, name);
++			p = process_tree((struct tree *)obj, p);
+ 			continue;
+ 		}
+ 		if (obj->type == OBJ_BLOB) {
+-			p = process_blob((struct blob *)obj, p, NULL, name);
++			p = process_blob((struct blob *)obj, p);
+ 			continue;
+ 		}
+ 		die("unknown pending object %s (%s)", oid_to_hex(&obj->oid), name);
diff --git a/devel/git-base/patches/patch-list-objects.c b/devel/git-base/patches/patch-list-objects.c
new file mode 100644
index 00000000000..c6a6b5deff0
--- /dev/null
+++ b/devel/git-base/patches/patch-list-objects.c
@@ -0,0 +1,126 @@
+$NetBSD: patch-list-objects.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- list-objects.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ list-objects.c
+@@ -11,11 +11,12 @@
+ static void process_blob(struct rev_info *revs,
+ 			 struct blob *blob,
+ 			 show_object_fn show,
+-			 struct name_path *path,
++			 struct strbuf *path,
+ 			 const char *name,
+ 			 void *cb_data)
+ {
+ 	struct object *obj = &blob->object;
++	size_t pathlen;
+ 
+ 	if (!revs->blob_objects)
+ 		return;
+@@ -24,7 +25,11 @@ static void process_blob(struct rev_info
+ 	if (obj->flags & (UNINTERESTING | SEEN))
+ 		return;
+ 	obj->flags |= SEEN;
+-	show(obj, path, name, cb_data);
++
++	pathlen = path->len;
++	strbuf_addstr(path, name);
++	show(obj, path->buf, cb_data);
++	strbuf_setlen(path, pathlen);
+ }
+ 
+ /*
+@@ -52,7 +57,7 @@ static void process_blob(struct rev_info
+ static void process_gitlink(struct rev_info *revs,
+ 			    const unsigned char *sha1,
+ 			    show_object_fn show,
+-			    struct name_path *path,
++			    struct strbuf *path,
+ 			    const char *name,
+ 			    void *cb_data)
+ {
+@@ -62,7 +67,6 @@ static void process_gitlink(struct rev_i
+ static void process_tree(struct rev_info *revs,
+ 			 struct tree *tree,
+ 			 show_object_fn show,
+-			 struct name_path *path,
+ 			 struct strbuf *base,
+ 			 const char *name,
+ 			 void *cb_data)
+@@ -70,7 +74,6 @@ static void process_tree(struct rev_info
+ 	struct object *obj = &tree->object;
+ 	struct tree_desc desc;
+ 	struct name_entry entry;
+-	struct name_path me;
+ 	enum interesting match = revs->diffopt.pathspec.nr == 0 ?
+ 		all_entries_interesting: entry_not_interesting;
+ 	int baselen = base->len;
+@@ -86,17 +89,12 @@ static void process_tree(struct rev_info
+ 			return;
+ 		die("bad tree object %s", oid_to_hex(&obj->oid));
+ 	}
++
+ 	obj->flags |= SEEN;
+-	show(obj, path, name, cb_data);
+-	me.up = path;
+-	me.elem = name;
+-	me.elem_len = strlen(name);
+-
+-	if (!match) {
+-		strbuf_addstr(base, name);
+-		if (base->len)
+-			strbuf_addch(base, '/');
+-	}
++	strbuf_addstr(base, name);
++	show(obj, base->buf, cb_data);
++	if (base->len)
++		strbuf_addch(base, '/');
+ 
+ 	init_tree_desc(&desc, tree->buffer, tree->size);
+ 
+@@ -113,16 +111,16 @@ static void process_tree(struct rev_info
+ 		if (S_ISDIR(entry.mode))
+ 			process_tree(revs,
+ 				     lookup_tree(entry.sha1),
+-				     show, &me, base, entry.path,
++				     show, base, entry.path,
+ 				     cb_data);
+ 		else if (S_ISGITLINK(entry.mode))
+ 			process_gitlink(revs, entry.sha1,
+-					show, &me, entry.path,
++					show, base, entry.path,
+ 					cb_data);
+ 		else
+ 			process_blob(revs,
+ 				     lookup_blob(entry.sha1),
+-				     show, &me, entry.path,
++				     show, base, entry.path,
+ 				     cb_data);
+ 	}
+ 	strbuf_setlen(base, baselen);
+@@ -213,19 +211,19 @@ void traverse_commit_list(struct rev_inf
+ 			continue;
+ 		if (obj->type == OBJ_TAG) {
+ 			obj->flags |= SEEN;
+-			show_object(obj, NULL, name, data);
++			show_object(obj, name, data);
+ 			continue;
+ 		}
+ 		if (!path)
+ 			path = "";
+ 		if (obj->type == OBJ_TREE) {
+ 			process_tree(revs, (struct tree *)obj, show_object,
+-				     NULL, &base, path, data);
++				     &base, path, data);
+ 			continue;
+ 		}
+ 		if (obj->type == OBJ_BLOB) {
+ 			process_blob(revs, (struct blob *)obj, show_object,
+-				     NULL, path, data);
++				     &base, path, data);
+ 			continue;
+ 		}
+ 		die("unknown pending object %s (%s)",
diff --git a/devel/git-base/patches/patch-list-objects.h b/devel/git-base/patches/patch-list-objects.h
new file mode 100644
index 00000000000..cec1fffbcac
--- /dev/null
+++ b/devel/git-base/patches/patch-list-objects.h
@@ -0,0 +1,17 @@
+$NetBSD: patch-list-objects.h,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- list-objects.h.orig	2016-03-10 22:11:15.000000000 +0000
++++ list-objects.h
+@@ -2,7 +2,7 @@
+ #define LIST_OBJECTS_H
+ 
+ typedef void (*show_commit_fn)(struct commit *, void *);
+-typedef void (*show_object_fn)(struct object *, const struct name_path *, const char *, void *);
++typedef void (*show_object_fn)(struct object *, const char *, void *);
+ void traverse_commit_list(struct rev_info *, show_commit_fn, show_object_fn, void *);
+ 
+ typedef void (*show_edge_fn)(struct commit *);
diff --git a/devel/git-base/patches/patch-pack-bitmap-write.c b/devel/git-base/patches/patch-pack-bitmap-write.c
new file mode 100644
index 00000000000..c9aabc09cc3
--- /dev/null
+++ b/devel/git-base/patches/patch-pack-bitmap-write.c
@@ -0,0 +1,18 @@
+$NetBSD: patch-pack-bitmap-write.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- pack-bitmap-write.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ pack-bitmap-write.c
+@@ -148,8 +148,7 @@ static uint32_t find_object_pos(const un
+ 	return entry->in_pack_pos;
+ }
+ 
+-static void show_object(struct object *object, const struct name_path *path,
+-			const char *last, void *data)
++static void show_object(struct object *object, const char *name, void *data)
+ {
+ 	struct bitmap *base = data;
+ 	bitmap_set(base, find_object_pos(object->oid.hash));
diff --git a/devel/git-base/patches/patch-pack-bitmap.c b/devel/git-base/patches/patch-pack-bitmap.c
new file mode 100644
index 00000000000..a25cb6439d5
--- /dev/null
+++ b/devel/git-base/patches/patch-pack-bitmap.c
@@ -0,0 +1,42 @@
+$NetBSD: patch-pack-bitmap.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- pack-bitmap.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ pack-bitmap.c
+@@ -417,19 +417,15 @@ static int ext_index_add_object(struct o
+ 	return bitmap_pos + bitmap_git.pack->num_objects;
+ }
+ 
+-static void show_object(struct object *object, const struct name_path *path,
+-			const char *last, void *data)
++static void show_object(struct object *object, const char *name, void *data)
+ {
+ 	struct bitmap *base = data;
+ 	int bitmap_pos;
+ 
+ 	bitmap_pos = bitmap_position(object->oid.hash);
+ 
+-	if (bitmap_pos < 0) {
+-		char *name = path_name(path, last);
++	if (bitmap_pos < 0)
+ 		bitmap_pos = ext_index_add_object(object, name);
+-		free(name);
+-	}
+ 
+ 	bitmap_set(base, bitmap_pos);
+ }
+@@ -897,9 +893,8 @@ struct bitmap_test_data {
+ 	size_t seen;
+ };
+ 
+-static void test_show_object(struct object *object,
+-			     const struct name_path *path,
+-			     const char *last, void *data)
++static void test_show_object(struct object *object, const char *name,
++			     void *data)
+ {
+ 	struct bitmap_test_data *tdata = data;
+ 	int bitmap_pos;
diff --git a/devel/git-base/patches/patch-reachable.c b/devel/git-base/patches/patch-reachable.c
new file mode 100644
index 00000000000..b4ef874ce8c
--- /dev/null
+++ b/devel/git-base/patches/patch-reachable.c
@@ -0,0 +1,26 @@
+$NetBSD: patch-reachable.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- reachable.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ reachable.c
+@@ -43,15 +43,14 @@ static int add_one_ref(const char *path,
+  * The traversal will have already marked us as SEEN, so we
+  * only need to handle any progress reporting here.
+  */
+-static void mark_object(struct object *obj, const struct name_path *path,
+-			const char *name, void *data)
++static void mark_object(struct object *obj, const char *name, void *data)
+ {
+ 	update_progress(data);
+ }
+ 
+ static void mark_commit(struct commit *c, void *data)
+ {
+-	mark_object(&c->object, NULL, NULL, data);
++	mark_object(&c->object, NULL, data);
+ }
+ 
+ struct recent_data {
diff --git a/devel/git-base/patches/patch-revision.c b/devel/git-base/patches/patch-revision.c
new file mode 100644
index 00000000000..dc2783ce519
--- /dev/null
+++ b/devel/git-base/patches/patch-revision.c
@@ -0,0 +1,82 @@
+$NetBSD: patch-revision.c,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- revision.c.orig	2016-03-10 22:11:15.000000000 +0000
++++ revision.c
+@@ -25,69 +25,13 @@ volatile show_early_output_fn_t show_ear
+ static const char *term_bad;
+ static const char *term_good;
+ 
+-char *path_name(const struct name_path *path, const char *name)
++void show_object_with_name(FILE *out, struct object *obj, const char *name)
+ {
+-	const struct name_path *p;
+-	char *n, *m;
+-	int nlen = strlen(name);
+-	int len = nlen + 1;
+-
+-	for (p = path; p; p = p->up) {
+-		if (p->elem_len)
+-			len += p->elem_len + 1;
+-	}
+-	n = xmalloc(len);
+-	m = n + len - (nlen + 1);
+-	memcpy(m, name, nlen + 1);
+-	for (p = path; p; p = p->up) {
+-		if (p->elem_len) {
+-			m -= p->elem_len + 1;
+-			memcpy(m, p->elem, p->elem_len);
+-			m[p->elem_len] = '/';
+-		}
+-	}
+-	return n;
+-}
+-
+-static int show_path_component_truncated(FILE *out, const char *name, int len)
+-{
+-	int cnt;
+-	for (cnt = 0; cnt < len; cnt++) {
+-		int ch = name[cnt];
+-		if (!ch || ch == '\n')
+-			return -1;
+-		fputc(ch, out);
+-	}
+-	return len;
+-}
+-
+-static int show_path_truncated(FILE *out, const struct name_path *path)
+-{
+-	int emitted, ours;
+-
+-	if (!path)
+-		return 0;
+-	emitted = show_path_truncated(out, path->up);
+-	if (emitted < 0)
+-		return emitted;
+-	if (emitted)
+-		fputc('/', out);
+-	ours = show_path_component_truncated(out, path->elem, path->elem_len);
+-	if (ours < 0)
+-		return ours;
+-	return ours || emitted;
+-}
+-
+-void show_object_with_name(FILE *out, struct object *obj,
+-			   const struct name_path *path, const char *component)
+-{
+-	struct name_path leaf;
+-	leaf.up = (struct name_path *)path;
+-	leaf.elem = component;
+-	leaf.elem_len = strlen(component);
++	const char *p;
+ 
+ 	fprintf(out, "%s ", oid_to_hex(&obj->oid));
+-	show_path_truncated(out, &leaf);
++	for (p = name; *p && *p != '\n'; p++)
++		fputc(*p, out);
+ 	fputc('\n', out);
+ }
+ 
diff --git a/devel/git-base/patches/patch-revision.h b/devel/git-base/patches/patch-revision.h
new file mode 100644
index 00000000000..005ea650d54
--- /dev/null
+++ b/devel/git-base/patches/patch-revision.h
@@ -0,0 +1,27 @@
+$NetBSD: patch-revision.h,v 1.1 2016/03/16 19:38:52 sevan Exp $
+
+CVE-2016-2324 via Debian
+https://security-tracker.debian.org/tracker/CVE-2016-2324
+https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d
+
+--- revision.h.orig	2016-03-10 22:11:15.000000000 +0000
++++ revision.h
+@@ -257,16 +257,9 @@ extern void put_revision_mark(const stru
+ extern void mark_parents_uninteresting(struct commit *commit);
+ extern void mark_tree_uninteresting(struct tree *tree);
+ 
+-struct name_path {
+-	struct name_path *up;
+-	int elem_len;
+-	const char *elem;
+-};
+-
+-char *path_name(const struct name_path *path, const char *name);
++char *path_name(struct strbuf *path, const char *name);
+ 
+-extern void show_object_with_name(FILE *, struct object *,
+-				  const struct name_path *, const char *);
++extern void show_object_with_name(FILE *, struct object *, const char *);
+ 
+ extern void add_pending_object(struct rev_info *revs,
+ 			       struct object *obj, const char *name);