main/musl: cherry-pick upstream fixes

ldso changes (lazy emulation etc) are not stable yet, so it's
are not included. the missing patch numbers are for those commits.

1 files changed, 27 insertions, 0 deletions

diff --git a/main/musl/0023-fix-one-byte-overflow-in-legacy-getpass-function.patch b/main/musl/0023-fix-one-byte-overflow-in-legacy-getpass-function.patch
new file mode 100644
index 0000000000..ef0efac006
--- /dev/null
+++ b/main/musl/0023-fix-one-byte-overflow-in-legacy-getpass-function.patch
@@ -0,0 +1,27 @@
+From 3ec8b3aeb88cef8574a7b0f677ebc1801f03821d Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 15:13:16 -0400
+Subject: [PATCH] fix one-byte overflow in legacy getpass function
+
+if the length of the input was equal to the buffer size (128), a fixed
+value of zero was written one byte past the end of the static buffer.
+---
+ src/legacy/getpass.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/legacy/getpass.c b/src/legacy/getpass.c
+index 15ab9851..d51286c0 100644
+--- a/src/legacy/getpass.c
++++ b/src/legacy/getpass.c
+@@ -27,7 +27,7 @@ char *getpass(const char *prompt)
+ 
+ 	l = read(fd, password, sizeof password);
+ 	if (l >= 0) {
+-		if (l > 0 && password[l-1] == '\n') l--;
++		if (l > 0 && password[l-1] == '\n' || l==sizeof password) l--;
+ 		password[l] = 0;
+ 	}
+ 
+-- 
+2.11.1
+