From a3111efa7159107ce9f9b76157db558dc79fd4e6 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH] 0038-proc/devname.c: Prevent off-by-one overflow in dev_to_tty().
---
 proc/devname.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/proc/devname.c b/proc/devname.c
index 40318a96..e01bb7b1 100644
--- a/proc/devname.c
+++ b/proc/devname.c
@@ -347,7 +347,7 @@ abbrev:
 if((flags&ABBREV_TTY) && !strncmp(tmp,"tty", 3) && tmp[3]) tmp += 3;
 if((flags&ABBREV_PTS) && !strncmp(tmp,"pts/", 4) && tmp[4]) tmp += 4;
 /* gotta check before we chop or we may chop someone else's memory */
- if(chop + (unsigned long)(tmp-buf) <= sizeof buf)
+ if(chop + (unsigned long)(tmp-buf) < sizeof buf)
 tmp[chop] = '\0';
 /* replace non-ASCII characters with '?' and return the number of chars */
 for(;;){
-- 
2.40.0
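Review bot: The bound on `tmp[chop]` is still computed as a sum, `chop + (unsigned long)(tmp-buf)`, so a very large `chop` could wrap where `unsigned long` is 32 bits and still pass the new `<` test; `chop`'s declaration is outside the hunk, so whether this can happen depends on its type and on what callers pass. Comparing against the remaining space avoids the addition: `if(chop < sizeof buf - (size_t)(tmp-buf))`, assuming `tmp` always points inside `buf`. The comment above the check could also state the invariant it protects, e.g. `/* tmp[chop] must land inside buf, so the index has to be strictly below sizeof buf */`. The enclosing function starts and ends outside the hunk.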