From bc14465e08a286f8bc3b1e47e70372352b64bd2c Mon Sep 17 00:00:00 2001
From: Farid Zakaria <fmzakari@google.com>
Date: Thu, 18 Nov 2021 04:00:19 +0000
Subject: [PATCH] Fix stack buffer overflow

Fix a stack buffer overflow found by running MemorySanitizer.
---
 src/libstore/references.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libstore/references.cc b/src/libstore/references.cc
index c369b14ac..bb9590acb 100644
--- a/src/libstore/references.cc
+++ b/src/libstore/references.cc
@@ -54,7 +54,7 @@ void RefScanSink::operator () (std::string_view data)
        fragment, so search in the concatenation of the tail of the
        previous fragment and the start of the current fragment. */
     auto s = tail;
-    s.append(data.data(), refLength);
+    s.append(data.data(), std::min(data.size(), refLength));
     search(s, hashes, seen);
 
     search(data, hashes, seen);