$OpenBSD: patch-source_common_uloc_c,v 1.1 2012/01/28 10:41:30 ajacoutot Exp $

Fix denial of service and possible code execution via out of bounds
access: http://bugs.icu-project.org/trac/ticket/8984

--- source/common/uloc.c.orig	Wed Oct 19 01:12:40 2011
+++ source/common/uloc.c	Sat Jan 28 08:51:26 2012
@@ -1797,7 +1797,7 @@ _canonicalize(const char* localeID,
                 int32_t variantLen = _deleteVariant(variant, uprv_min(variantSize, (nameCapacity-len)), variantToCompare, n);
                 len -= variantLen;
                 if (variantLen > 0) {
-                    if (name[len-1] == '_') { /* delete trailing '_' */
+                    if (len > 0 && name[len-1] == '_') { /* delete trailing '_' */
                         --len;
                     }
                     addKeyword = VARIANT_MAP[j].keyword;
@@ -1805,7 +1805,7 @@ _canonicalize(const char* localeID,
                     break;
                 }
             }
-            if (name[len-1] == '_') { /* delete trailing '_' */
+            if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */
                 --len;
             }
         }
