There are a small number of places in our codebase where we cast a
buffer of unsigned char to a struct object_id pointer. When we have
GIT_MAX_RAWSZ set to 32 (because we have SHA-256), one of these places
(the buffer for tree objects) can lead to us copying too much data when
using SHA-1 as the hash, since there are only 20 bytes to read.

Changes from v1:
* Use hashcpy instead of memcpy.
* Adopt Peff's suggestion for improving patch 3.

brian m. carlson (5):
  tree-walk: copy object ID before use
  match-trees: compute buffer offset correctly when splicing
  match-trees: use hashcpy to splice trees
  tree-walk: store object_id in a separate member
  cache: make oidcpy always copy GIT_MAX_RAWSZ bytes

 builtin/grep.c                     |  8 ++++----
 builtin/merge-tree.c               | 20 ++++++++++----------
 builtin/pack-objects.c             |  4 ++--
 builtin/reflog.c                   |  4 ++--
 cache-tree.c                       |  4 ++--
 cache.h                            |  2 +-
 contrib/coccinelle/object_id.cocci | 30 ------------------------------
 delta-islands.c                    |  2 +-
 fsck.c                             |  4 ++--
 http-push.c                        |  4 ++--
 list-objects.c                     |  6 +++---
 match-trees.c                      | 27 ++++++++++++++++++++-------
 notes.c                            |  4 ++--
 packfile.c                         |  2 +-
 revision.c                         |  4 ++--
 tree-diff.c                        |  6 +++---
 tree-walk.c                        | 21 ++++++++++++---------
 tree-walk.h                        |  9 ++++++---
 tree.c                             | 10 +++++-----
 unpack-trees.c                     |  6 +++---
 walker.c                           |  4 ++--
 21 files changed, 85 insertions(+), 96 deletions(-)
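
The over-read described in the cover letter, shown as an added C example (not code from this series or from Git itself): a tree-style entry holds only as many hash bytes as the active algorithm uses, so the ID is copied by that length into a separate, zero-padded struct instead of casting the buffer pointer and copying the maximum size. The names `struct oid`, `parse_entry_oid`, `SHA1_RAWSZ` and `MAX_RAWSZ` are hypothetical, and the sample entry is constructed.

```c
#include <stddef.h>
#include <string.h>

#define SHA1_RAWSZ 20   /* hash bytes stored per entry under SHA-1 */
#define MAX_RAWSZ  32   /* in-memory ID size once SHA-256 is supported */

struct oid { unsigned char hash[MAX_RAWSZ]; };   /* hypothetical type */

/*
 * Parse one "<mode> <name>\0<raw hash>" entry from buf (len bytes).
 * Copies exactly rawsz hash bytes into *out, zero-padding the rest.
 * Returns bytes consumed, or 0 if the entry is truncated or malformed.
 */
size_t parse_entry_oid(const unsigned char *buf, size_t len,
                       size_t rawsz, struct oid *out)
{
    const unsigned char *nul = memchr(buf, '\0', len);
    size_t hdr;

    if (!nul || rawsz > MAX_RAWSZ)
        return 0;
    hdr = (size_t)(nul - buf) + 1;      /* mode, space, name, NUL */
    if (len - hdr < rawsz)              /* fewer hash bytes than expected */
        return 0;

    /* Unsafe variant: memcpy(out, (const struct oid *)(buf + hdr), sizeof(*out))
     * reads MAX_RAWSZ bytes even when only rawsz remain in the buffer. */
    memset(out->hash, 0, sizeof(out->hash));
    memcpy(out->hash, buf + hdr, rawsz);
    return hdr + rawsz;
}

/* Constructed sample: one entry "100644 a\0" followed by 20 hash bytes. */
int demo(void)
{
    unsigned char entry[9 + SHA1_RAWSZ];
    struct oid id;
    size_t i, used;

    memcpy(entry, "100644 a", 9);       /* 8 characters plus the NUL */
    for (i = 0; i < SHA1_RAWSZ; i++)
        entry[9 + i] = (unsigned char)(i + 1);

    used = parse_entry_oid(entry, sizeof(entry), SHA1_RAWSZ, &id);
    return used == sizeof(entry) && id.hash[19] == 20 && id.hash[20] == 0;
}

int main(void) { return demo() ? 0 : 1; }
```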
