mpatch: be more careful about parsing binary patch data (SEC)
It appears to have been possible to trivially walk off the end of an
allocated region with a malformed patch. Oops.
Caught when writing an mpatch fuzzer for oss-fuzz.
This defect is OVE-
20180430-0001. A CVE has not been obtained as of
this writing.
#require test-repo jshint hg10
$ . "$TESTDIR/helpers-testrepo.sh"
run jshint on all tracked files ending in .js except vendored dependencies
$ cd "`dirname "$TESTDIR"`"
$ testrepohg locate 'set:**.js' \
> 2>/dev/null \
> | xargs jshint