SECURITY: fix Qualys CVE-2020-PFPSN

(cherry picked from commit 93b6044e1636404f3463f3e1113098742e295542) (cherry picked from commit 4e59a5d5c448e1fcdcbead268ffe6561adf0224d)
author: Phil Pennock <phil+git@pennock-tech.com> 2020-10-29 19:00:51 -0400
committer: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2021-05-27 21:30:25 +0200
commit: cb08e2f59f2166660abc998a0554e64c61d4a0f5 (patch)
tree: 2089fcfb47a08b5fe3981a30637b2c4db12fb64d /src
parent: 5dc522966ae58ac845dc280495af651c9858f152 (diff)
1 files changed, 11 insertions, 3 deletions
diff --git a/src/src/parse.c b/src/src/parse.c
index 18a6df198..7dfb9a7eb 100644
--- a/src/src/parse.c
+++ b/src/src/parse.c
@@ -1129,9 +1129,17 @@ while (s < end)
             {
             if (ss >= end) ss--;
             *t++ = '(';
-            Ustrncpy(t, s, ss-s);
-            t += ss-s;
-            s = ss;
+            if (ss < s)
+              {
+              /* Someone has ended the string with "<punct>(". */
+              ss = s;
+              }
+            else
+              {
+              Ustrncpy(t, s, ss-s);
+              t += ss-s;
+              s = ss;
+              }
             }
           }
author	Phil Pennock <phil+git@pennock-tech.com>	2020-10-29 19:00:51 -0400
committer	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2021-05-27 21:30:25 +0200
commit	cb08e2f59f2166660abc998a0554e64c61d4a0f5 (patch)
tree	2089fcfb47a08b5fe3981a30637b2c4db12fb64d /src
parent	5dc522966ae58ac845dc280495af651c9858f152 (diff)