)]}'
{
  "commit": "9979c8956bc8bb07f1fc7d5bb57e3b3a3cec945d",
  "tree": "a1336b132cb4bbd7055f5ac4239acd6538568b6a",
  "parents": [
    "bd1492e1812fff842c31c0f4da84d48f1349265c"
  ],
  "author": {
    "name": "Joe Drago",
    "email": "jdrago@netflix.com",
    "time": "Thu Aug 19 02:24:31 2021 -0700"
  },
  "committer": {
    "name": "Joe Drago",
    "email": "jdrago@netflix.com",
    "time": "Thu Aug 19 02:24:31 2021 -0700"
  },
  "message": "When creating the read buffer in avifDecoderItemRead(), always make the buffer the item\u0027s full size\n\nThis avoids progressive image partial item reads causing reallocs of this buffer, which can cause\ndangling pointers in the underlying AV1 decoders (use-after-free). As the natural pattern of this\ntype of usage is to ultimately decode the final image, those additional reallocations are also\ntypically unnecessary overhead, as we\u0027ll eventually be using this sized buffer anyway.\n\nThis should address Chromium issue 1239472.\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "667ff2f6235710fcb24baa30a6cc35db06cd0c1a",
      "old_mode": 33188,
      "old_path": "src/read.c",
      "new_id": "8c0ef8a913e3a1f4ef4d1e4469a141dae86d7963",
      "new_mode": 33188,
      "new_path": "src/read.c"
    }
  ]
}