From ed6035afb16e563b3bce9044fdf6fb1163119e70 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Wed, 8 Feb 2017 07:32:35 +0100 Subject: Do not read past NUL character in ical_get_value() Make sure we never read beyond the end of the buffer, even if the terminating quote of a quoted string is missing. Signed-off-by: Lukas Fleischer --- src/ical.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/ical.c b/src/ical.c index c2c8c5b..d8ad997 100644 --- a/src/ical.c +++ b/src/ical.c @@ -676,10 +676,10 @@ static long ical_compute_rpt_until(long start, ical_rpt_t * rpt) static char *ical_get_value(char *p) { for (; *p != ':'; p++) { + if (*p == '"') + for (p++; *p != '"' && *p != '\0'; p++); if (*p == '\0') return NULL; - if (*p == '"') - for (p++; *p != '"'; p++); } return p + 1; -- cgit v1.2.3