)]}'
{
  "commit": "0d3b5cc6028550205b56a80ccdd81aecf67e4508",
  "tree": "9f9bd4975a11c4d817295b7d52e4dd39cc6eb6cf",
  "parents": [
    "cc965275f436267684a3f185ea3335e203cee6f9"
  ],
  "author": {
    "name": "Tom Sepez",
    "email": "tsepez@chromium.org",
    "time": "Wed Jul 30 13:03:52 2014 -0700"
  },
  "committer": {
    "name": "Tom Sepez",
    "email": "tsepez@chromium.org",
    "time": "Wed Jul 30 13:03:52 2014 -0700"
  },
  "message": "Speculative fix for uninitialized value in CFX_ByteString().\n\nIf somehow different length values could be obtained by two successive calls\nto Doc_getFilePath() (and FieldBrowse() for that matter), and the method is\ntrue to the API documentation that says \"The return value always indicated\nnumber of bytes required for the buffer, even when there is no buffer\nspecified, or the buffer size is less then required\", then it is possible\nto get a returned length describing memory beyond the current buffer.\n\nWe can make the corresponding JS_docGetFilePath() method more robust against\nthis case by applying better checks to the returned value.\n\nThis probably is unrelated since ASAN seems to be flagging the corresponding bug\nas UAF, but doesn\u0027t hurt to make things more robust.\n\nBUG\u003d392956\nR\u003djun_fang@foxitsoftware.com\n\nReview URL: https://codereview.chromium.org/423233002\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "d7e4e3d8a8c26158e9b9ac1493537f75d0940856",
      "old_mode": 33188,
      "old_path": "fpdfsdk/include/fsdk_mgr.h",
      "new_id": "95d1a79352ec7f33d87bf40d868a8caddb9e3aec",
      "new_mode": 33188,
      "new_path": "fpdfsdk/include/fsdk_mgr.h"
    }
  ]
}