Comment 6 for bug 1647389

At the moment this appears to be a consequence of 104e70cae78bd4afd95d948c6aff188f10508a9c not being included in the original CVE patchset.

I'm attaching an early debdiff for that includes a first attempt at a backport of the above patch and am requesting comments and code review.

If anyone has a succinct/reliable way to reproduce this, I would greatly appreciate that. Due to lack of a good reproducer this is near impossible to test. As a result the backport was attempted purely based on code inspection and comments from upstream fixes.