summary refs log tree commit diff
path: root/posix
diff options
context:
space:
mode:
authorPaul Eggert <eggert@cs.ucla.edu>2017-10-20 18:41:14 +0200
committerFlorian Weimer <fweimer@redhat.com>2017-10-20 18:46:48 +0200
commitc369d66e5426a30e4725b100d5cd28e372754f90 (patch)
tree252d4ee0e4196f335fc864d10a38f5c6cb6c36f3 /posix
parent6d43de4b85b11d26a19bebe4f55f31be16e3d419 (diff)
downloadglibc-c369d66e5426a30e4725b100d5cd28e372754f90.tar.gz
glibc-c369d66e5426a30e4725b100d5cd28e372754f90.tar.xz
glibc-c369d66e5426a30e4725b100d5cd28e372754f90.zip
CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]
Diffstat (limited to 'posix')
-rw-r--r--posix/glob.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/posix/glob.c b/posix/glob.c
index 076ab2bd72..15a6c0cf13 100644
--- a/posix/glob.c
+++ b/posix/glob.c
@@ -790,7 +790,7 @@ __glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
 		  *p = '\0';
 		}
 	      else
-		*((char *) mempcpy (newp, dirname + 1, end_name - dirname))
+		*((char *) mempcpy (newp, dirname + 1, end_name - dirname - 1))
 		  = '\0';
 	      user_name = newp;
 	    }