)]}'
{
  "commit": "a6979fe14adfca20c370dfae5baa1d1aea4e8b26",
  "tree": "57c9ae6237c32f4e0077a2dd728f4a2a0ac662ba",
  "parents": [
    "bab10754d93d74d1ff44d46de63558bc4127f7d8"
  ],
  "author": {
    "name": "Rifat Al Jubayer",
    "email": "45924460+kakarotsec@users.noreply.github.com",
    "time": "Tue May 05 08:11:30 2026 +0600"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Mon May 04 22:11:30 2026 -0400"
  },
  "message": "Fix logic inversion in FlexBuffers VerifyKey() (#9072)\n\nVerifyKey() returns true on the first non-zero byte instead of\nchecking for a null terminator. This causes VerifyBuffer() to accept\nFlexBuffers with non-null-terminated keys. Subsequent access to those\nkeys via strlen()/strcmp() reads out of bounds.\n\nThe condition if (*p++) should be if (!*p++) — return true\nwhen a null terminator is found, not when any non-zero byte is found.\n\nConfirmed with AddressSanitizer: heap-buffer-overflow in strlen()\nafter VerifyBuffer() returns true on a corrupted buffer.",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "1ed6a41bca2cfa199d0c2c972a95e949746a40da",
      "old_mode": 33188,
      "old_path": "include/flatbuffers/flexbuffers.h",
      "new_id": "5c42a7ed476772a9d5f85a0f819a6ff079bccaf9",
      "new_mode": 33188,
      "new_path": "include/flatbuffers/flexbuffers.h"
    }
  ]
}