commit fa4d1ce8a6d9c0f9b1d5bbcc82c675cac601daf5
author Nikias Bassen <nikias@gmx.li> Tue Feb 07 03:12:40 2017 +0100
committer Nikias Bassen <nikias@gmx.li> Tue Feb 07 03:12:40 2017 +0100
tree 22122871eab0160315ae1a06e5461638199dafcc
parent e4dc36f18a3ba06183168111052b7b4e213c740b

xplist: Also fix OOB read in find_char() and find_str() functions

src/xplist.c

diff --git a/src/xplist.c b/src/xplist.c
index d157200..d8d2d72 100644
--- a/src/xplist.c
+++ b/src/xplist.c
@@ -435,6 +435,10 @@
         if (skip_quotes && (c != '"') && (*(ctx->pos) == '"')) {
             ctx->pos++;
             find_char(ctx, '"', 0);
+            if (ctx->pos >= ctx->end) {
+                PLIST_XML_ERR("EOF while looking for matching double quote\n");
+                return;
+            }
             if (*(ctx->pos) != '"') {
                 PLIST_XML_ERR("Unmatched double quote\n");
                 return;
@@ -453,6 +457,10 @@
         if (skip_quotes && (*(ctx->pos) == '"')) {
             ctx->pos++;
             find_char(ctx, '"', 0);
+            if (ctx->pos >= ctx->end) {
+                PLIST_XML_ERR("EOF while looking for matching double quote\n");
+                return;
+            }
             if (*(ctx->pos) != '"') {
                 PLIST_XML_ERR("Unmatched double quote\n");
                 return;