From: Junio C Hamano <gitster@pobox.com>
Date: Sun, 30 Nov 2025 18:03:37 +0000 (-0800)
Subject: Merge branch 'jk/asan-bonanza' into jk/parse-int
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9841b05cbce103eb7d73c36628f2ed846c1656ef;p=thirdparty%2Fgit.git

Merge branch 'jk/asan-bonanza' into jk/parse-int

* jk/asan-bonanza:
  t: enable ASan's strict_string_checks option
  fsck: avoid parse_timestamp() on buffer that isn't NUL-terminated
  fsck: remove redundant date timestamp check
  fsck: avoid strcspn() in fsck_ident()
  fsck: assert newline presence in fsck_ident()
  cache-tree: avoid strtol() on non-string buffer
  Makefile: turn on NO_MMAP when building with ASan
  pack-bitmap: handle name-hash lookups in incremental bitmaps
  compat/mmap: mark unused argument in git_munmap()
---

9841b05cbce103eb7d73c36628f2ed846c1656ef
diff --cc fsck.c
index 341e100d24,ec45f786d6..8e8083e7c6
--- a/fsck.c
+++ b/fsck.c
@@@ -1065,26 -1093,8 +1094,26 @@@ int fsck_tag_standalone(const struct ob
  			goto done;
  	}
  	else
- 		ret = fsck_ident(&buffer, oid, OBJ_TAG, options);
+ 		ret = fsck_ident(&buffer, buffer_end, oid, OBJ_TAG, options);
  
 +	if (buffer < buffer_end && (skip_prefix(buffer, "gpgsig ", &buffer) || skip_prefix(buffer, "gpgsig-sha256 ", &buffer))) {
 +		eol = memchr(buffer, '\n', buffer_end - buffer);
 +		if (!eol) {
 +			ret = report(options, oid, OBJ_TAG, FSCK_MSG_BAD_GPGSIG, "invalid format - unexpected end after 'gpgsig' or 'gpgsig-sha256' line");
 +			goto done;
 +		}
 +		buffer = eol + 1;
 +
 +		while (buffer < buffer_end && starts_with(buffer, " ")) {
 +			eol = memchr(buffer, '\n', buffer_end - buffer);
 +			if (!eol) {
 +				ret = report(options, oid, OBJ_TAG, FSCK_MSG_BAD_HEADER_CONTINUATION, "invalid format - unexpected end in 'gpgsig' or 'gpgsig-sha256' continuation line");
 +				goto done;
 +			}
 +			buffer = eol + 1;
 +		}
 +	}
 +
  	if (buffer < buffer_end && !starts_with(buffer, "\n")) {
  		/*
  		 * The verify_headers() check will allow