Please sign in to comment.
get_sha1_hex(): do not read past a NUL character
Previously, get_sha1_hex() would read one character past the end of a null-terminated string whose strlen was an even number less than 40. Although the function correctly returned -1 in these cases, the extra memory access might have been to uninitialized (or even, conceivably, unallocated) memory. Add a check to avoid reading past the end of a string. This problem was discovered by Thomas Rast <firstname.lastname@example.org> using valgrind. Signed-off-by: Michael Haggerty <email@example.com> Signed-off-by: Junio C Hamano <firstname.lastname@example.org>
- Loading branch information...