1. photon
  2. SPECS
  3. glibc
  4. glibc-fix-CVE-2017-15670.patch
Raw Blame History 
From c369d66e5426a30e4725b100d5cd28e372754f90 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Fri, 20 Oct 2017 18:41:14 +0200
Subject: [PATCH] CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]

---
 ChangeLog    | 6 ++++++
 NEWS         | 4 ++++
 posix/glob.c | 2 +-
 3 files changed, 11 insertions(+), 1 deletion(-)

index 076ab2b..15a6c0c 100644 (file)
--- a/posix/glob.c
+++ b/posix/glob.c
@@ -859,7 +859,7 @@ glob (pattern, flags, errfunc, pglob)
 		  *p = '\0';
 		}
 	      else
-		*((char *) mempcpy (newp, dirname + 1, end_name - dirname))
+		*((char *) mempcpy (newp, dirname + 1, end_name - dirname -1))
 		  = '\0';
 	      user_name = newp;
 	    }