commit f8f7c882a202ae17391b28587d013b5dd2809366
from: Stefan Sperling <stsp@stsp.name>
date: Thu Jul 23 14:21:28 2020 UTC

fix buffer overflow in got_tree_entry_get_symlink_target()

commit - eb59b6d4903198c69021bb80110c5dea0f7a7bc2
commit + f8f7c882a202ae17391b28587d013b5dd2809366
blob - 450df8e2ab748c7c4c138067469d18252790cac4
blob + 525bbd9c114f16ca9bebf27cbc60e52a82311bc4
--- lib/object.c
+++ lib/object.c
@@ -901,7 +901,7 @@ got_tree_entry_get_symlink_target(char **link_target, 
 		*link_target = p;
 		/* Skip blob object header first time around. */
 		memcpy(*link_target,
-		    got_object_blob_get_read_buf(blob) + hdrlen, len);
+		    got_object_blob_get_read_buf(blob) + hdrlen, len - hdrlen);
 		hdrlen = 0;
 	} while (len > 0);
 	(*link_target)[totlen] = '\0';