)]}'
{
  "commit": "e91cfe6085c4a61372d1f800b473b73b8d225d0d",
  "tree": "7700e28d8857eab988c903490d542f2fe5b10685",
  "parents": [
    "a5bb10fd5e74101e7c07da93e7c32bbe60f6173a"
  ],
  "author": {
    "name": "Taylor Blau",
    "email": "me@ttaylorr.com",
    "time": "Thu Apr 06 14:28:53 2023 -0400"
  },
  "committer": {
    "name": "Johannes Schindelin",
    "email": "johannes.schindelin@gmx.de",
    "time": "Mon Apr 17 21:15:40 2023 +0200"
  },
  "message": "config.c: avoid integer truncation in `copy_or_rename_section_in_file()`\n\nThere are a couple of spots within `copy_or_rename_section_in_file()`\nthat incorrectly use an `int` to track an offset within a string, which\nmay truncate or wrap around to a negative value.\n\nHistorically it was impossible to have a line longer than 1024 bytes\nanyway, since we used fgets() with a fixed-size buffer of exactly that\nlength. But the recent change to use a strbuf permits us to read lines\nof arbitrary length, so it\u0027s possible for a malicious input to cause us\nto overflow past INT_MAX and do an out-of-bounds array read.\n\nPractically speaking, however, this should never happen, since it\nrequires 2GB section names or values, which are unrealistic in\nnon-malicious circumstances.\n\nCo-authored-by: Jeff King \u003cpeff@peff.net\u003e\nSigned-off-by: Jeff King \u003cpeff@peff.net\u003e\nSigned-off-by: Taylor Blau \u003cme@ttaylorr.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "524347676d0da03b76bbe74bebf7078cf7c0d368",
      "old_mode": 33188,
      "old_path": "config.c",
      "new_id": "e4189aa2d79f628bfe2a2ab673be5e0c20463505",
      "new_mode": 33188,
      "new_path": "config.c"
    }
  ]
}