thodg/libgit2/AUTHORS

• Show log

  Commit

• Hash : 014d4955
  Author :
  Date : 2019-02-20T15:30:11
  

  apply: prevent OOB read when parsing source buffer
  
  When parsing the patch image from a string, we split the string
  by newlines to get a line-based view of it. To split, we use
  `memchr` on the buffer and limit the buffer length by the
  original length provided by the caller. This works just fine for
  the first line, but for every subsequent line we need to actually
  subtract the amount of bytes that we have already read.
  
  The above issue can be easily triggered by having a source buffer
  with at least two lines, where the second line does _not_ end in
  a newline. Given a string "foo\nb", we have an original length of
  five bytes. After having extracted the first line, we will point
  to 'b' and again try to `memchr(p, '\n', 5)`, resulting in an
  out-of-bounds read of four bytes.
  
  Fix the issue by correctly subtracting the amount of bytes
  already read.
  

Download

• AUTHORS

• The following people contribute or have contributed
  to the libgit2 project (sorted alphabetically):
  
  Alex Budovski
  Alexei Sholik
  Andreas Ericsson
  Anton "antong" Gyllenberg
  Ankur Sethi
  Arthur Schreiber
  Ben Noordhuis
  Ben Straub
  Benjamin C Meyer
  Brian Downing
  Brian Lopez
  Carlos Martín Nieto
  Colin Timmermans
  Daniel Huckstep
  Dave Borowitz
  David Boyce
  David Glesser
  Dmitry Kakurin
  Dmitry Kovega
  Emeric Fermas
  Emmanuel Rodriguez
  Eric Myhre
  Erik Aigner
  Florian Forster
  Holger Weiss
  Ingmar Vanhassel
  J. David Ibáñez
  Jacques Germishuys
  Jakob Pfender
  Jason Penny
  Jason R. McNeil
  Jerome Lambourg
  Johan 't Hart
  John Wiegley
  Jonathan "Duke" Leto
  Julien Miotte
  Julio Espinoza-Sokal
  Justin Love
  Kelly "kelly.leahy" Leahy
  Kirill A. Shutemov
  Lambert CLARA
  Luc Bertrand
  Marc Pegon
  Marcel Groothuis
  Marco Villegas
  Michael "schu" Schubert
  Microsoft Corporation
  Olivier Ramonat
  Peter Drahoš
  Pierre Habouzit
  Pierre-Olivier Latour
  Przemyslaw Pawelczyk
  Ramsay Jones
  Robert G. Jakabosky
  Romain Geissler
  Romain Muller
  Russell Belfer
  Sakari Jokinen
  Samuel Charles "Sam" Day
  Sarath Lakshman
  Sascha Cunz
  Sascha Peilicke
  Scott Chacon
  Sebastian Schuberth
  Sergey Nikishin
  Shawn O. Pearce
  Shuhei Tanuma
  Steve Frécinaux
  Sven Strickroth
  Tim Branyen
  Tim Clem
  Tim Harder
  Torsten Bögershausen
  Trent Mick
  Vicent Marti
  

Download