From 04b1a3aae24b21c3f02b915b2416eba886992bed Mon Sep 17 00:00:00 2001
From: Aaron Merey
Date: Tue, 1 Nov 2022 17:51:00 -0400
Subject: [PATCH] debuginfod-client: Fix out-of-bounds write

Return early from path_escape when '\0' is seen in order to prevent an out-of-bounds write to the dest buffer.

Signed-off-by: Aaron Merey
---
 debuginfod/debuginfod-client.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index d097ca49d..0c4a00cf9 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -595,8 +595,7 @@ path_escape (const char *src, char *dest)
 {
 case '\0':
 dest[q] = '\0';
- q = PATH_MAX-1; /* escape for loop too */
- break;
+ return;
 case '/': /* escape / to prevent dir escape */
 dest[q++]='#';
 dest[q++]='#';
-- 
2.39.5
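Review bot: path_escape still takes no destination size, so the two-byte escape writes in the `case '/':` branch (`dest[q++]='#'; dest[q++]='#';`) are bounded only by the loop condition, which lies outside this hunk and presumably tests q against PATH_MAX, as the removed `q = PATH_MAX-1` suggests. The early `return` fixes the terminator path, but the requirement on the caller's buffer remains implicit, and a caller passing a smaller dest would still be overrun. I would state the contract in a comment above the function, for example `/* DEST must provide at least PATH_MAX bytes; the result is always NUL-terminated. */`, and confirm that every call site meets it. The function begins and ends outside the hunk, so the loop bound and any terminator write after the loop should be checked against that same contract.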