summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorLukas Fleischer <lfleischer@calcurse.org>2017-02-08 07:32:35 +0100
committerLukas Fleischer <lfleischer@calcurse.org>2017-02-08 07:32:35 +0100
commited6035afb16e563b3bce9044fdf6fb1163119e70 (patch)
tree21f9bf8870a1670fd1f27c244a0cdd2be6b14343 /src
parente4e2e0eb20794972b8d4c89dcfeb6c257c45c3a1 (diff)
downloadcalcurse-ed6035afb16e563b3bce9044fdf6fb1163119e70.tar.gz
calcurse-ed6035afb16e563b3bce9044fdf6fb1163119e70.zip
Do not read past NUL character in ical_get_value()
Make sure we never read beyond the end of the buffer, even if the terminating quote of a quoted string is missing. Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
Diffstat (limited to 'src')
-rw-r--r--src/ical.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/ical.c b/src/ical.c
index c2c8c5b..d8ad997 100644
--- a/src/ical.c
+++ b/src/ical.c
@@ -676,10 +676,10 @@ static long ical_compute_rpt_until(long start, ical_rpt_t * rpt)
static char *ical_get_value(char *p)
{
for (; *p != ':'; p++) {
+ if (*p == '"')
+ for (p++; *p != '"' && *p != '\0'; p++);
if (*p == '\0')
return NULL;
- if (*p == '"')
- for (p++; *p != '"'; p++);
}
return p + 1;