$OpenBSD: patch-lib_c,v 1.1 2014/12/01 17:55:24 sthen Exp $

http://dev.mutt.org/trac/ticket/3716 ->
http://anonscm.debian.org/cgit/pkg-mutt/mutt.git/diff/debian/patches/upstream/771125-CVE-2014-9116-jessie.patch

--- lib.c.orig	Mon Dec  1 17:15:50 2014
+++ lib.c	Mon Dec  1 17:16:14 2014
@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin, const char *e
   size_t len;
   char *p;
 
+  if (end != NULL && end < begin)
+    return NULL;
+
   if (end)
     len = end - begin;
   else
