On Thu, Mar 7, 2024 at 3:47 PM Junio C Hamano <gitster@xxxxxxxxx> wrote: > * So here is the version I queued. I have a new paragraph at the > end of the log message to talk about use of strstr() and how it > is OK in the current codebase. > [jc: tweaked the commit log message and the implementation a bit] > > From: Florian Schmidt <flosch@xxxxxxxxxxx> > > In general, if wt_status_locate_end() is given a piece of the memory > that lacks NUL at all, strstr() may continue across page boundaries > and run into an unmapped page. For our current callers, this is not > a problem, as all of them except one uses a memory owned by a strbuf > (which guarantees an implicit NUL-termination after its payload), > and the one exeption in trailer.c:find_end_of_log_message() uses > strlen() to compute the length before calling this function. s/exeption/exception/
