)]}'
{
  "commit": "caa7bb4457bfcafcd55a940204ef78c1bf1f417d",
  "tree": "5b2e66b1e375455b125eda3dd43b1718c73b5b46",
  "parents": [
    "929c17cf481222c35ff1652498994871120e832a"
  ],
  "author": {
    "name": "Derek Mauro",
    "email": "761129+derekmauro@users.noreply.github.com",
    "time": "Thu Jan 23 09:51:03 2025 -0500"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Thu Jan 23 09:51:03 2025 -0500"
  },
  "message": "Fix potential integer overflow in hash container create/resize (#1813)\n\nThe sized constructors, reserve(), and rehash() methods of\r\nabsl::{flat,node}_hash_{set,map} did not impose an upper bound on\r\ntheir size argument. As a result, it was possible for a caller to pass\r\na very large size that would cause an integer overflow when computing\r\nthe size of the container\u0027s backing store. Subsequent accesses to the\r\ncontainer might then access out-of-bounds memory.\r\n\r\nThe fix is in two parts:\r\n\r\n1) Update max_size() to return the maximum number of items that can be\r\nstored in the container\r\n\r\n2) Validate the size arguments to the constructors, reserve(), and\r\nrehash() methods, and abort the program when the argument is invalid\r\n\r\nWe\u0027ve looked at uses of these containers in Google codebases like\r\nChrome, and determined this vulnerability is likely to be difficult to\r\nexploit. This is primarily because container sizes are rarely\r\nattacker-controlled.\r\n\r\nThe bug was discovered by Dmitry Vyukov \u003cdvyukov@google.com\u003e.",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8e11df2aba46e948219e21e6191058af1300c4a9",
      "old_mode": 33188,
      "old_path": "absl/base/config.h",
      "new_id": "b8ae9b6857d0c41a8b0c600d033fdac26622d6e1",
      "new_mode": 33188,
      "new_path": "absl/base/config.h"
    },
    {
      "type": "modify",
      "old_id": "5f89d8efee6f830e8b96a92f760b11976df4dc92",
      "old_mode": 33188,
      "old_path": "absl/container/internal/raw_hash_set.h",
      "new_id": "92b93453314030e557637013397823a51e58ad35",
      "new_mode": 33188,
      "new_path": "absl/container/internal/raw_hash_set.h"
    },
    {
      "type": "modify",
      "old_id": "242a97cbe3f5d60e322c47ea084d3caeaccebb2d",
      "old_mode": 33188,
      "old_path": "absl/container/internal/raw_hash_set_test.cc",
      "new_id": "d5d5f3934da9fa8b42ddab99472befc87f590196",
      "new_mode": 33188,
      "new_path": "absl/container/internal/raw_hash_set_test.cc"
    }
  ]
}