Fix CVE-2017-16844:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16844
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876511

Patch copied from Debian procmail package 3.22-26:

http://http.debian.net/debian/pool/main/p/procmail/procmail_3.22-26.debian.tar.xz

From: Santiago Vila <sanvila@debian.org>
Subject: Fix heap-based buffer overflow in loadbuf()
Bug-Debian: http://bugs.debian.org/876511
X-Debian-version: 3.22-26

--- a/src/formisc.c
+++ b/src/formisc.c
@@ -103,7 +103,7 @@
 }
 							    /* append to buf */
 void loadbuf(text,len)const char*const text;const size_t len;
-{ if(buffilled+len>buflen)			  /* buf can't hold the text */
+{ while(buffilled+len>buflen)			  /* buf can't hold the text */
      buf=realloc(buf,buflen+=Bsize);
   tmemmove(buf+buffilled,text,len);buffilled+=len;
 }
zko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>refs</a><a class='active' href='/guix/log/gnu/packages/xfig.scm'>log</a><a href='/guix/tree/gnu/packages/xfig.scm?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>tree</a><a href='/guix/commit/gnu/packages/xfig.scm?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>commit</a><a href='/guix/diff/gnu/packages/xfig.scm?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/xfig.scm'>
<input type='hidden' name='id' value='574e4e16d82bdc76b7c2ba726518047cdf1edf0b'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>root</a>/<a href='/guix/log/gnu?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>gnu</a>/<a href='/guix/log/gnu/packages?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>packages</a>/<a href='/guix/log/gnu/packages/xfig.scm?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b'>xfig.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/xfig.scm?id=574e4e16d82bdc76b7c2ba726518047cdf1edf0b&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2017-01-13 07:28:57 +0100'>2017-01-13</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=79728b621bb3032984252c244b710993ae1aa984'>gnu: xfig: Correct typographic error.</a><span class='msg-avail'>...</span></td><td>John Darrington</td></tr>
<tr><td><span title='2017-01-12 17:41:06 +0100'>2017-01-12</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=97fedab17d4acfa05969ddd9faf98a11d27a4743'>gnu: xfig: Remove wrapper and clean up implementation.</a><span class='msg-avail'>...</span></td><td>John Darrington</td></tr>
<tr><td><span title='2017-01-12 17:41:00 +0100'>2017-01-12</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=0eefac0f2f2c7b57471d352abfad7fa306a69df2'>gnu: xfig: Use modify-phases.</a><span class='msg-avail'>...</span></td><td>John Darrington</td></tr>
<tr><td><span title='2014-11-24 18:28:52 +0100'>2014-11-24</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=faef3b153acf450555fc640bd266a2e1321d9c99'>gnu: xfig: Add 'wrap-xfig phase.</a><span class='msg-avail'>...</span></td><td>Federico Beffa</td></tr>
<tr><td><span title='2014-10-13 10:11:43 -0500'>2014-10-13</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=6aad2d625f861184504947757a898210e34e515a'>gnu: xfig, transfig: Patch compiler flags for mips and i686.</a><span class='msg-avail'>...</span></td><td>Eric Bavier</td></tr>
<tr><td><span title='2014-10-11 21:11:23 -0500'>2014-10-11</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=36ae58488bfeeb3bc2b314bd16ba37d06b3a13af'>gnu: Add transfig.</a><span class='msg-avail'>...</span></td><td>Eric Bavier</td></tr>
<tr><td><span title='2014-10-11 21:11:23 -0500'>2014-10-11</span></td><td><a href='/guix/commit/gnu/packages/xfig.scm?id=b3f3fb825e5614ed373429c4e664be75eef92472'>gnu: Add xfig.</a><span class='msg-avail'>...</span></td><td>Eric Bavier</td></tr>

Age	Commit message (Expand)	Author
2017-01-13	gnu: xfig: Correct typographic error....	John Darrington
2017-01-12	gnu: xfig: Remove wrapper and clean up implementation....	John Darrington
2017-01-12	gnu: xfig: Use modify-phases....	John Darrington
2014-11-24	gnu: xfig: Add 'wrap-xfig phase....	Federico Beffa
2014-10-13	gnu: xfig, transfig: Patch compiler flags for mips and i686....	Eric Bavier
2014-10-11	gnu: Add transfig....	Eric Bavier
2014-10-11	gnu: Add xfig....	Eric Bavier