Fair enough. We are testing our tool to try to find bugs/vulnerabilities in
several git implementations. I will report here my results if i can find some
other memory issue in this git client.
----- Original Message -----
> Gustavo Grieco <gustavo.gri...@imag.fr> writes:
> > Now that the cause of this issue is identified, i would like to
> > know if there is an impact in the security, so i can request a CVE
> > if necessary.
> I am inclined to say that it has no security implications. You have
> to be able to write a bogus loose object in an object store you
> already have write access to in the first place, in order to cause
> this read-only access that goes beyond what is allocated, so at the
> worst, what you can do is to hurt yourself, and you can already hurt
> yourself in various other ways.