NUL-terminate empty logmsg buffer for strlcat(3) Because the logmsg output buffer was not NUL-terminated after allocation, strlcat(3) could append log message contents copied from the temporary file at a wrong memory location. In the case observed by me, this bug resulted in a broken commit object.
diff --git a/got/got.c b/got/got.c
index 4670079..4b1cab4 100644
--- a/got/got.c
+++ b/got/got.c
@@ -2381,6 +2381,7 @@ collect_commit_logmsg(struct got_pathlist_head *commitable_paths, char **logmsg,
err = got_error_from_errno("malloc");
goto done;
}
+ (*logmsg)[0] = '\0';
len = 0;
fp = fopen(a->logmsg_path, "r");