Hash :
3db9aa6f
Author :
Date :
2018-10-18T11:32:48
signature: avoid out-of-bounds reads when parsing signature dates We use `git__strtol64` and `git__strtol32` to parse the trailing commit or author date and timezone of signatures. As signatures are usually part of a commit or tag object and thus essentially untrusted data, the buffer may be misformatted and may not be `NUL` terminated. This may lead to an out-of-bounds read. Fix the issue by using `git__strntol64` and `git__strntol32` instead.
Git HTTP | https://git.kmx.io/thodg/libgit2.git |
---|---|
Git SSH | git@git.kmx.io:thodg/libgit2.git |
Public access ? | public |
Description | |
Users |
![]() |
Tags |
|