Merge pull request #4894 from pks-t/pks/commit-author-oob

commit: fix out-of-bound reads when parsing truncated author fields

Merge pull request #4894 from pks-t/pks/commit-author-oob
commit: fix out-of-bound reads when parsing truncated author fields
94fce582 · Edward Thomson · GitHub · 11d33df8 · cb23c3ef · 94fce582
Unverified Commit 94fce582 authored Nov 21, 2018 by Edward Thomson Committed by GitHub Nov 21, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 1 additions and 1 deletions

src/commit.c
+1 -1

No files found.
--- a/src/commit.c
+++ b/src/commit.c
@@ -420,7 +420,7 @@ int git_commit__parse_raw(void *_commit, const char *data, size_t size)
 		return -1;

 	/* Some tools create multiple author fields, ignore the extra ones */
-	while ((size_t)(buffer_end - buffer) >= strlen("author ") && !git__prefixcmp(buffer, "author ")) {
+	while (!git__prefixncmp(buffer, buffer_end - buffer, "author ")) {
 		if (git_signature__parse(&dummy_sig, &buffer, buffer_end, "author ", '\n') < 0)
 			return -1;