From 031afe420725e328e9d7742be69ef0bd81c62b9a Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 7 Nov 2018 14:04:53 +0100
Subject: 43793: computil could overrun buffer

---
 ChangeLog          | 2 ++
 Src/Zle/computil.c | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 97751c16e..ed44bcf26 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 2018-11-09  Peter Stephenson  <p.stephenson@samsung.com>
 
+	* 43793: Kamil: Src/Zle/computil.c: could overrun buffer by 1 byte.
+
 	* 43791: Kamil: Src/Modules/clone.c: file descriptor was closed twice.
 
 2018-11-08  Oliver Kiddle  <okiddle@yahoo.co.uk>
diff --git a/Src/Zle/computil.c b/Src/Zle/computil.c
index 5526e0ad0..cb1c01042 100644
--- a/Src/Zle/computil.c
+++ b/Src/Zle/computil.c
@@ -561,9 +561,9 @@ cd_init(char *nam, char *hide, char *mlen, char *sep,
                 if (str->str == str->match)
                     str->str = ztrdup(str->str);
                 if (hide[1] && str->str[0] == '-' && str->str[1] == '-')
-                    strcpy(str->str, str->str + 2);
+                    memmove(str->str, str->str + 2, strlen(str->str) - 1);
                 else if (str->str[0] == '-' || str->str[0] == '+')
-                    strcpy(str->str, str->str + 1);
+                    memmove(str->str, str->str + 1, strlen(str->str));
             }
         }
 	for (ap = args; *args &&
-- 
cgit 1.4.1