--- cvsps-2.2b1/cvsps.c	2010-09-07 18:13:42.760727491 +0200

+++ cvsps-2.2b1_/cvsps.c	2010-09-07 18:05:11.083729441 +0200

@@ -1065,17 +1065,16 @@ static CvsFile * parse_file(const char *

 {

     CvsFile * retval;

     char fn[PATH_MAX];

-    int len = strlen(buff + 10);

+    size_t len = strlen(buff + 10);

     char * p;

     /* once a single file has been parsed ok we set this */

     static int path_ok;

-    

+

     /* chop the ",v" string and the "LF" */

     len -= 3;

     memcpy(fn, buff + 10, len);

     fn[len] = 0;

-    

     if (strncmp(fn, strip_path, strip_path_len) != 0)

     {

 	/* if the very first file fails the strip path,

@@ -1096,10 +1095,10 @@ static CvsFile * parse_file(const char *

 	    while ((p = strstr(p, repository_path)))

 		lastp = p++;

-      

+

 	    if (lastp)

 	    {

-		int len = strlen(repository_path);

+		size_t len = strlen(repository_path);

 		memcpy(strip_path, fn, lastp - fn + len + 1);

 		strip_path_len = lastp - fn + len + 1;

 		strip_path[strip_path_len] = 0;

@@ -1114,16 +1113,26 @@ static CvsFile * parse_file(const char *

 	 *

 	 * For now just ignore such files

 	 */

-	debug(DEBUG_APPMSG1, "WARNING: file %s doesn't match strip_path %s. ignoring", 

+	debug(DEBUG_APPMSG1, "WARNING: file %s doesn't match strip_path %s. ignoring",

 	      fn, strip_path);

 	return NULL;

     }

  ok:

-    path_ok = 1;

-

+     /*

+     fix for rhbz#576076

+     ./cvsps --norc -q --cvs-direct -u -A --root :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot NSS

+     */

+    if(len <= strip_path_len)

+    {

+        debug(DEBUG_APPMSG1, "WARNING: file %s doesn't match strip_path %s. ignoring",

+	      fn, strip_path);

+        return NULL;

+    }

     /* remove from beginning the 'strip_path' string */

     len -= strip_path_len;

+    path_ok = 1;

+

     memmove(fn, fn + strip_path_len, len);

     fn[len] = 0;