Jeff King <peff@xxxxxxxx> writes: > We use add_patterns() to read .gitignore, .git/info/exclude, etc, as > well as other pattern-like files like sparse-checkout. The parser for > these uses an "int" as an index, meaning that files over 2GB will > generally cause signed integer overflow and out-of-bounds access. I also wondered if we need similar protection on the attribute side, but it turns out that we process the files one line at a time without holding everything in core. Both exclude and attribute subsystem are not protected against parseed _result_ consuming too much memory, but at least with your patch, we are covered on the input side. I wonder if it is worth rewriting the exclude side to stream like attribute parsing, though. It probalby is not.