Jeff Hostetler <git@xxxxxxxxxxxxxxxxx> writes:

> On 3/15/21 12:39 PM, Andrzej Hunt via GitGitGadget wrote:
>> From: Andrzej Hunt <ajrhunt@xxxxxxxxxx>
>>
>> query_result can be an empty strbuf (STRBUF_INIT) - in that case
>> trying to read 3 bytes triggers a buffer overflow read (as
>> query_result.buf = '\0').
>>
>> Therefore we need to check query_result's length before trying to
>> read 3 bytes.
>>
>> This overflow was introduced in:
>>   940b94f35c (fsmonitor: log invocation of FSMonitor hook to trace2, 2021-02-03)
>>
>> It was found when running the test-suite against ASAN, and can be most
>> easily reproduced with the following command:
> ...
> Looks good to me.  And thanks for catching this.

Thanks, will queue on jh/fsmonitor-prework as a maint-2.31 candidate.
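The length check the quoted commit message calls for, as an added C example that is not part of this thread and is not git's code. `struct sbuf`, `SBUF_INIT`, both `has_prefix3*` functions and the sample strings are hypothetical stand-ins; the only thing taken from the message is that an empty buffer holds just the terminating NUL while the caller reads 3 bytes.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a strbuf: an empty one points at a shared
 * 1-byte buffer that holds only the terminating NUL. */
struct sbuf {
    size_t len;
    char *buf;
};

static char sbuf_empty[1];            /* zero-initialized: just '\0' */
#define SBUF_INIT { 0, sbuf_empty }

/* Unchecked form, shown for contrast and never called below: it asks
 * memcmp for 3 bytes even when only 1 byte is backed by storage, which
 * is the out-of-bounds read a sanitizer build reports. */
int has_prefix3_unchecked(const struct sbuf *sb, const char *prefix)
{
    return memcmp(sb->buf, prefix, 3) == 0;
}

/* Checked form: the length test short-circuits, so memcmp only runs
 * when at least 3 bytes of content exist. */
int has_prefix3(const struct sbuf *sb, const char *prefix)
{
    return sb->len >= 3 && memcmp(sb->buf, prefix, 3) == 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    struct sbuf empty = SBUF_INIT;
    char two[] = "ab";
    char six[] = "abcdef";
    struct sbuf shorter = { 2, two };
    struct sbuf longer = { 6, six };

    printf("empty:   %d\n", has_prefix3(&empty, "abc"));
    printf("2 bytes: %d\n", has_prefix3(&shorter, "abc"));
    printf("6 bytes: %d\n", has_prefix3(&longer, "abc"));
    return 0;
}
```

Building with `-fsanitize=address` and swapping in `has_prefix3_unchecked` for the empty case shows the kind of report the message attributes to the ASAN test run.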