From 812d071481abf973b57d3262be7a0ca6dde086a9 Mon Sep 17 00:00:00 2001
From: Jonas 'Sortie' Termansen <sortie@maxsi.org>
Date: Mon, 12 May 2014 19:09:46 +0200
Subject: [PATCH] Fix buffer overflow in which(1).

---
 utils/which.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/utils/which.cpp b/utils/which.cpp
index e9020300..9e8d74b8 100644
--- a/utils/which.cpp
+++ b/utils/which.cpp
@@ -61,7 +61,8 @@ bool Which(const char* cmd, const char* path, bool all)
 			error(1, errno, "malloc");
 		memcpy(dirname, path, len * sizeof(char));
 		dirname[len] = '\0';
-		path += len + 1;
+		if ( (path += len)[0] == ':' )
+			path++;
 		int dirfd = open(dirname, O_RDONLY | O_DIRECTORY);
 		if ( dirfd < 0 )
 		{