)]}'
{
  "commit": "609d2c812dfa4cc64a7c7692e35311854b017cf4",
  "tree": "afe916d1a788c62a50009e93f01be5f41f7c3997",
  "parents": [
    "83f71d8b82e9bf1360cfc926afd70c40412f469d"
  ],
  "author": {
    "name": "Ralf W. Grosse-Kunstleve",
    "email": "rwgkio@gmail.com",
    "time": "Mon Mar 30 10:49:45 2026 +0700"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Sun Mar 29 20:49:45 2026 -0700"
  },
  "message": "Fix heap-buffer-overflow in `pythonbuf` with undersized buffers (#6019)\n\n* Fix heap-buffer-overflow in pythonbuf with undersized buffers (gh-5886)\n\nThe _sync() UTF-8 remainder logic can leave pptr() past the end of\nthe allocated buffer when buf_size \u003c 4: after moving up to 3 bytes\nof an incomplete UTF-8 sequence to the front, pbump(remainder) pushes\npptr() beyond epptr() and the buffer boundary.  The next overflow()\nthen writes out of bounds.\n\nFix by clamping the buffer size to a minimum of 4 in the constructor,\nensuring the maximum UTF-8 remainder (3 bytes) plus the overflow slot\n(1 byte) always fits within the allocated buffer.\n\nMade-with: Cursor\n\n* Avoid C++14 ODR-use linker error for minimum_buffer_size\n\nstd::max takes arguments by const\u0026, which ODR-uses the static constexpr\nmember and requires an out-of-line definition in C++14. Replace with a\nternary expression that uses the value without taking its address.\n\nMade-with: Cursor",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "1878089e3171bcfbd575ff4d7f925f981489316c",
      "old_mode": 33188,
      "old_path": "include/pybind11/iostream.h",
      "new_id": "44261e881e13a9520088418fe32d099596717ad1",
      "new_mode": 33188,
      "new_path": "include/pybind11/iostream.h"
    }
  ]
}