)]}'
{
  "commit": "39d7ee9c8262d9cd3338735bf3e95649857375e5",
  "tree": "f746d56d5ee593981eef09d7851b7317df42ed0d",
  "parents": [
    "9e6144382ca4752591910b38b71a3301d97999df"
  ],
  "author": {
    "name": "Theo Buehler",
    "email": "theorbuehler@gmail.com",
    "time": "Thu Oct 19 06:50:23 2023 +0200"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Thu Oct 19 16:49:34 2023 +0000"
  },
  "message": "Error check X509_ALGOR_set0()\n\nIf |param_type| is different from |V_ASN1_UNDEF|, there will usually\nbe a call to |ASN1_TYPE_new| which allocates and can thus fail. The\nresult of a failure is that |pval| will leak, which is the case in\nboth callers in the RSA-PSS code.\n\nThis changeset leaves out the call in |X509_ALGOR_set_md|, which\nis a void function. This could be fixed in three ways: change its\nsignature to allow error checking, call |X509_ALGOR_set0| up front\nto preallocate, or inline the function in its only internal caller\nand remove it from the public API.\n\nChange-Id: I25ed3593947f9ee58208b980a95730d37789c9e1\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/63585\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "16235eee32e0e49cd598fb0194101c7f228deaa1",
      "old_mode": 33188,
      "old_path": "crypto/x509/algorithm.c",
      "new_id": "2d3f4d39a5be243f7592383750741ea659528c26",
      "new_mode": 33188,
      "new_path": "crypto/x509/algorithm.c"
    },
    {
      "type": "modify",
      "old_id": "9e69663ed9a722e45189e63b57914cc568558ff2",
      "old_mode": 33188,
      "old_path": "crypto/x509/rsa_pss.c",
      "new_id": "5974bfab5132927dfe8832d4dd51f9e2739557cb",
      "new_mode": 33188,
      "new_path": "crypto/x509/rsa_pss.c"
    }
  ]
}