Based on:

From c369d66e5426a30e4725b100d5cd28e372754f90 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Fri, 20 Oct 2017 18:41:14 +0200
Subject: [PATCH] CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]

diff -Naur a/posix/glob.c b/posix/glob.c
--- a/posix/glob.c	2017-11-02 15:17:17.820091862 +0530
+++ b/posix/glob.c	2017-11-02 15:17:49.434888815 +0530
@@ -865,7 +865,7 @@
 		  *p = '\0';
 		}
 	      else
-		*((char *) mempcpy (newp, dirname + 1, end_name - dirname))
+		*((char *) mempcpy (newp, dirname + 1, end_name - dirname - 1))
 		  = '\0';
 	      user_name = newp;
 	    }