Fixed a heap-buffer-overflow in the smart_pkt.c:set_data function. by oliverchang · Pull Request #7118 · libgit2/libgit2

The strstr call used to find the " object-format=" capability string did
not have a length limit, potentially reading past the end of the
allocated buffer if the capabilities string was not null-terminated
within the buffer bounds. Replaced strstr with git__memmem and
subsequent strchr calls with memchr, providing the remaining buffer
length as a limit to prevent out-of-bounds reads.

https: //oss-fuzz.com/testcase-detail/4895812384325632
https: //issues.oss-fuzz.com/issues/42524461
Change-Id: Id313af1bce48ea8763fa2dfd7eb9ee8934fa541f