Applied patches from Jiri Popelka:

Fix off-by-one error in call to readlink.
Fix possible buffer overrun found by coverity.

symlinks-coverity-overrun-dynamic.patch

@@ -0,0 +1,12 @@
+diff -up symlinks-1.4/symlinks.c.coverity-overrun-dynamic symlinks-1.4/symlinks.c
+--- symlinks-1.4/symlinks.c.coverity-overrun-dynamic	2011-05-20 14:10:25.682843723 +0100
++++ symlinks-1.4/symlinks.c	2011-05-20 14:11:15.792920839 +0100
+@@ -44,7 +44,7 @@ static int substr (char *s, char *old, c
+ 		newlen = strlen(new);
+ 
+ 	if (newlen > oldlen) {
+-		if ((tmp = malloc(strlen(s))) == NULL) {
++		if ((tmp = malloc(strlen(s)+1)) == NULL) {
+ 			fprintf(stderr, "no memory\n");
+ 			exit (1);
+ 		}

symlinks-coverity-readlink.patch

@@ -0,0 +1,12 @@
+diff -up symlinks-1.4/symlinks.c.coverity-readlink symlinks-1.4/symlinks.c
+--- symlinks-1.4/symlinks.c.coverity-readlink	2009-10-09 15:03:55.000000000 +0100
++++ symlinks-1.4/symlinks.c	2011-05-20 14:10:25.682843723 +0100
+@@ -160,7 +160,7 @@ static void fix_symlink (char *path, dev
+ 	struct stat stbuf, lstbuf;
+ 	int c, fix_abs = 0, fix_messy = 0, fix_long = 0;
+ 
+-	if ((c = readlink(path, lpath, sizeof(lpath))) == -1) {
++	if ((c = readlink(path, lpath, sizeof(lpath)-1)) == -1) {
+ 		perror(path);
+ 		return;
+ 	}

symlinks.spec

@@ -2,12 +2,14 @@ Summary: A utility which maintains a system's symbolic links
 Name: symlinks
 URL: ftp://metalab.unc.edu/pub/Linux/utils/file/
 Version: 1.4
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group: Applications/System
 License: Copyright only
 Source0: http://ibiblio.org/pub/Linux/utils/file/%{name}-%{version}.tar.gz
 # Taken from http://packages.debian.org/changelogs/pool/main/s/symlinks/symlinks_1.2-4.2/symlinks.copyright
 Source1: symlinks-LICENSE.txt
+Patch1: symlinks-coverity-readlink.patch
+Patch2: symlinks-coverity-overrun-dynamic.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %description
@@ -23,6 +25,12 @@ symlinks on your system.
 %setup -q
 cp %{SOURCE1} .
 
+# Fix off-by-one error in call to readlink.
+%patch1 -p1 -b .coverity-readlink
+
+# Fix possible buffer overrun found by coverity.
+%patch2 -p1 -b .coverity-overrun-dynamic
+
 %build
 make CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS)" %{?_smp_mflags}
 
@@ -43,6 +51,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/symlinks.8*
 
 %changelog
+* Fri May 20 2011 Tim Waugh <twaugh@redhat.com> 1.4-4
+- Applied patches from Jiri Popelka:
+  - Fix off-by-one error in call to readlink.
+  - Fix possible buffer overrun found by coverity.
+
 * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild