summary refs log tree commit diff
path: root/gnu/packages/patches/glibc-CVE-2017-15670-15671.patch
blob: 76d688c517900c4ef97f8bf9bb49d816887beb0b (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Fix CVE-2017-15670:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670
https://sourceware.org/bugzilla/show_bug.cgi?id=22320
https://bugzilla.redhat.com/show_bug.cgi?id=1504804

And CVE-2017-15671:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671
https://sourceware.org/bugzilla/show_bug.cgi?id=22325
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15671

Copied from upstream:
<https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=2d1bd71ec70a31b01d01b734faa66bb1ed28961f>

diff --git a/posix/glob.c b/posix/glob.c
--- a/posix/glob.c
+++ b/posix/glob.c
@@ -843,7 +843,7 @@
 		  *p = '\0';
 		}
 	      else
-		*((char *) mempcpy (newp, dirname + 1, end_name - dirname))
+		*((char *) mempcpy (newp, dirname + 1, end_name - dirname - 1))
 		  = '\0';
 	      user_name = newp;
 	    }