Blame SOURCES/cyrus-sasl-2.1.27-CVE-2019-19906.patch

b0654d
From bcb6c06ec17728f7c9c492dc257b1e541a6830da Mon Sep 17 00:00:00 2001
b0654d
From: Simo Sorce <simo@redhat.com>
b0654d
Date: Tue, 5 May 2020 14:41:06 -0400
b0654d
Subject: [PATCH] CVE-2019-19906
b0654d
b0654d
Backport of commit id:
b0654d
dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1
b0654d
b0654d
Signed-off-by: Simo Sorce <simo@redhat.com>
b0654d
---
b0654d
 lib/common.c | 2 +-
b0654d
 1 file changed, 1 insertion(+), 1 deletion(-)
b0654d
b0654d
diff --git a/lib/common.c b/lib/common.c
b0654d
index bc3bf1d..9969d6a 100644
b0654d
--- a/lib/common.c
b0654d
+++ b/lib/common.c
b0654d
@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
b0654d
 
b0654d
   if (add==NULL) add = "(null)";
b0654d
 
b0654d
-  addlen=strlen(add); /* only compute once */
b0654d
+  addlen=strlen(add)+1; /* only compute once */
b0654d
   if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
b0654d
     return SASL_NOMEM;
b0654d
 
b0654d
-- 
b0654d
2.18.2
b0654d