From 5cb00f77810dcf5eb596019ec3a19c85b7b81368 Mon Sep 17 00:00:00 2001
From: Michal Vasilek
Date: Mon, 5 Jul 2021 00:53:15 +0200
Subject: [PATCH 1/2] libsasl: fix CVE-2019-19906
---
 srcpkgs/libsasl/patches/CVE-2019-19906.patch | 15 +++++++++++++++
 srcpkgs/libsasl/template | 2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/libsasl/patches/CVE-2019-19906.patch
diff --git a/srcpkgs/libsasl/patches/CVE-2019-19906.patch b/srcpkgs/libsasl/patches/CVE-2019-19906.patch
new file mode 100644
index 000000000000..f7edb521e89f
--- /dev/null
+++ b/srcpkgs/libsasl/patches/CVE-2019-19906.patch
@@ -0,0 +1,15 @@
+https://github.com/cyrusimap/cyrus-sasl/issues/587
+
+diff --git a/lib/common.c b/lib/common.c
+index bc3bf1df..9969d6aa 100644
+--- a/lib/common.c
++++ b/lib/common.c
+@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
+
+ if (add==NULL) add = "(null)";
+
+- addlen=strlen(add); /* only compute once */
++ addlen=strlen(add)+1; /* only compute once */
+ if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
+ return SASL_NOMEM;
+
diff --git a/srcpkgs/libsasl/template b/srcpkgs/libsasl/template
index b9dbe7bc2f86..a8817042f843 100644
--- a/srcpkgs/libsasl/template
+++ b/srcpkgs/libsasl/template
@@ -1,7 +1,7 @@
 # Template file for 'libsasl'
 pkgname=libsasl
 version=2.1.27
-revision=1
+revision=2
 wrksrc="cyrus-sasl-${version}"
 build_style=gnu-configure
 configure_args="--enable-cram --enable-digest --enable-auth-sasldb
From a448b5d45d7c51c887088c71f39cdceca91c1739 Mon Sep 17 00:00:00 2001
From: Michal Vasilek
Date: Mon, 5 Jul 2021 00:53:23 +0200
Subject: [PATCH 2/2] cyrus-sasl: revbump for CVE-2019-19906
---
 srcpkgs/cyrus-sasl/template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/srcpkgs/cyrus-sasl/template b/srcpkgs/cyrus-sasl/template
index 32bcc8ebc6ba..b259152139fd 100644
--- a/srcpkgs/cyrus-sasl/template
+++ b/srcpkgs/cyrus-sasl/template
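Review bot: In the embedded `lib/common.c` hunk the extra byte is added to `addlen` itself rather than to the size passed to `_buf_alloc`, so every later use of `addlen` in `_sasl_add_string` now sees the string length plus one. The rest of the function lies outside the hunk, but if it copies `addlen` bytes and advances `*outlen` by `addlen` (as the "only compute once" comment suggests), the reported length would start counting the terminator and repeated calls would leave a NUL byte between appended pieces, truncating the result for any consumer that treats the buffer as a C string. Keeping `addlen=strlen(add);` and reserving the terminator only in the allocation, `if (_buf_alloc(out, alloclen, (*outlen)+addlen+1)!=SASL_OK)`, closes the off-by-one without changing the length callers observe. The patch file cites only the issue thread, so it is worth comparing this variant against the fix merged upstream for this CVE and referencing that commit in the patch header.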
@@ -1,7 +1,7 @@ # Template file for 'cyrus-sasl' pkgname=cyrus-sasl version=2.1.27 -revision=8 +revision=9 build_style=gnu-configure configure_args="--disable-static --enable-shared --enable-checkapop --enable-cram --enable-digest --disable-otp --disable-srp