pclouds@xxxxxxxxx writes:

> Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@xxxxxxxxx> > --- > sha1_name.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/sha1_name.c b/sha1_name.c > index 9b226e3..6ffee22 100644 > --- a/sha1_name.c > +++ b/sha1_name.c > @@ -157,7 +157,7 @@ static int get_short_sha1(const char *na > char canonical[40]; > unsigned char res[20]; > > - if (len < MINIMUM_ABBREV) > + if (len < MINIMUM_ABBREV || len > 40) > return -1; > hashclr(res); > memset(canonical, 'x', 40);

Thanks. The patch is correct, but it needs a better explanation in the proposed commit log message than just "Don't segfault".

get_describe_name() can be fed a string foo-gXXX...XXX with a very looooooooong hexstring. It calls get_short_sha1() without checking if XXX...XXX part is longer than 40-bytes (in which case it cannot be a valid object name).

get_sha1_1() has the same problem. Given a hexstring longer than 40-bytes, it calls the function with it because earlier ones such as get_sha1_hex() would reject the input.
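
Review bot: The new upper bound in the changed condition of get_short_sha1() is a bare 40 that has to stay in step with `char canonical[40]` and `memset(canonical, 'x', 40)` in the same function, so the check that protects the buffer is coupled to its size only by convention. Consider one named constant shared by the array declaration, the memset and the new `len > 40` test, so a later change to the buffer size cannot leave the bound stale. The quoted message body carries only the Signed-off-by line; a sentence saying that len comes from caller-supplied strings and that anything longer than 40 hex digits cannot be an object name would let a reader see why the rejection is safe.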