From 7bd1244b2c4a397af95a43eb619d549a6bc9653b Mon Sep 17 00:00:00 2001
From: Janice Agustin
Date: Mon, 29 Jun 2015 12:41:35 -0400
Subject: [PATCH 1/4] Avoid NPE in get related changes

Do a null check before getting the change from change data. A null pointer exception was reported when getting related changes [1]. The change that introduced this vulnerability is [2].
[1] https://groups.google.com/forum/#!topic/repo-discuss/3oS_ynJqGjo
[2] https://gerrit-review.googlesource.com/#/c/63221

Change-Id: I9ca2616492f665044e757a1c0d5dd604c29b21cc
---
 .../java/com/google/gerrit/server/change/GetRelated.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/change/GetRelated.java b/gerrit-server/src/main/java/com/google/gerrit/server/change/GetRelated.java
index 6cdae44bbc..0144b94d7b 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/change/GetRelated.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/change/GetRelated.java
@@ -116,7 +116,10 @@ public class GetRelated implements RestReadView {
 PatchSet p = commits.get(c.name());
 Change g = null;
 if (p != null) {
- g = changes.get(p.getId().getParentKey()).change();
+ ChangeData cd = changes.get(p.getId().getParentKey());
+ if (cd != null) {
+ g = cd.change();
+ }
 added.add(p.getId().getParentKey());
 }
 parents.add(new ChangeAndCommit(g, p, c));

From b2c2a03a07ee1b96dc1831bde80f7470a8cd3ec4 Mon Sep 17 00:00:00 2001
From: Edwin Kempin
Date: Tue, 30 Jun 2015 08:47:30 +0200
Subject: [PATCH 2/4] Update plugin archetype version in plugin documentation to 2.11

Change-Id: I4b70901816a10723bfd102400f7f7bfe1c984860
Signed-off-by: Edwin Kempin
---
 Documentation/dev-plugins.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Documentation/dev-plugins.txt b/Documentation/dev-plugins.txt
index d013400bfd..dd52b88fd7 100644
--- a/Documentation/dev-plugins.txt
+++ b/Documentation/dev-plugins.txt
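Review bot: When `changes` has no entry for the parent key, `g` stays null after the new `if (cd != null)` branch and is still handed to `new ChangeAndCommit(g, p, c)` two lines below, so the null is moved one call further rather than resolved; nothing in the hunk shows whether ChangeAndCommit and the consumers of the related-changes list tolerate a null change. If a missing ChangeData is an expected condition (presumably the map only holds the changes the lookup returned, e.g. those visible to the caller — to be confirmed), that should be stated on the new branch, e.g. `// changes may lack the parent change (not returned by the lookup); leave g null, ChangeAndCommit must cope with that`. Otherwise consider skipping the parent, or logging at debug level, so that silent gaps in the related list can be diagnosed instead of surfacing as a later NPE. The enclosing method starts and ends outside the hunk.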
@@ -36,7 +36,7 @@ plugin project.
 ----
 mvn archetype:generate -DarchetypeGroupId=com.google.gerrit \
 -DarchetypeArtifactId=gerrit-plugin-archetype \
- -DarchetypeVersion=2.10.6 \
+ -DarchetypeVersion=2.11 \
 -DgroupId=com.googlesource.gerrit.plugins.testplugin \
 -DartifactId=testplugin
 ----

From 916434182062296db2b92b41eb3c60db6226944d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sa=C5=A1a=20=C5=BDivkov?=
Date: Tue, 30 Jun 2015 12:55:04 +0200
Subject: [PATCH 3/4] Make sure /a is not in the project name for git-over-http requests

The "/a" prefix is used to trigger authentication but was not removed from the request's pathInfo. Therefore, it was included in the project name and hence the project wasn't found when performing, for examples:
$ git fetch http://server/a/project

Change-Id: I9eadd5759d5936f040431ebbb401c35c437f537e
---
 .../main/java/com/google/gerrit/httpd/GitOverHttpServlet.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/GitOverHttpServlet.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/GitOverHttpServlet.java
index e73f80592c..43cd741e74 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/GitOverHttpServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/GitOverHttpServlet.java
@@ -91,7 +91,7 @@ public class GitOverHttpServlet extends GitServlet {
 public static final String URL_REGEX;
 static {
 StringBuilder url = new StringBuilder();
- url.append("^(?:/p/|/)(.*/(?:info/refs");
+ url.append("^(?:/a)?(?:/p/|/)(.*/(?:info/refs");
 for (String name : GitSmartHttpTools.VALID_SERVICES) {
 url.append('|').append(name);
 }

From e32f360238811dc0a45214b9dc6a05aeceef8451 Mon Sep 17 00:00:00 2001
From: Edwin Kempin
Date: Tue, 30 Jun 2015 14:16:27 +0200
Subject: [PATCH 4/4] Update download-commands plugin revision

Change-Id: If027fb113d3cf265dfe84e32898fff1b0f1e48f7
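Review bot: The new optional group `(?:/a)?` at the start of URL_REGEX is greedy and nothing after it requires the auth prefix to be followed by anything in particular, so for a repository whose own name begins with `a/` a request path such as `/a/foo/info/refs` has `/a` consumed as the authentication marker and the captured remainder starts with `foo/` instead of `a/foo/`; the `/p/a/foo/...` form is unaffected because the group fails to match before `/p`. If projects named `a/...` are already unreachable through the `/a/` URL form for other reasons, that is worth stating on the line, e.g. `// optional "/a" is the authentication-triggering prefix and must not leak into the project name; a project named "a/..." is ambiguous here`. Since this regex now decides which project a git-over-http request is routed to, a unit test that runs URL_REGEX against `/a/project/info/refs`, `/p/project/info/refs` and `/a/p/project/info/refs` and checks the captured path would pin the intended behaviour. The static initializer continues past the end of the hunk.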
Signed-off-by: Edwin Kempin
---
 plugins/download-commands | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/download-commands b/plugins/download-commands
index baa09c2e26..63e7cf5f24 160000
--- a/plugins/download-commands
+++ b/plugins/download-commands
@@ -1 +1 @@
-Subproject commit baa09c2e265a2b264a5fb4571e7eefda04def0c4
+Subproject commit 63e7cf5f24045ede2ee9e5a220e594716b2b6ce4