From ae69a754244c4e475c8d2591772ca8e005071d83 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 18 Feb 2019 11:55:41 +0100
Subject: Update to 5.42

---
 utils/textclient-mobile.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'utils/textclient-mobile.c')

diff --git a/utils/textclient-mobile.c b/utils/textclient-mobile.c
index c321487..4d0d891 100644
--- a/utils/textclient-mobile.c
+++ b/utils/textclient-mobile.c
@@ -1,4 +1,4 @@
-/* xscreensaver, Copyright (c) 2012-2016 Jamie Zawinski <jwz@jwz.org>
+/* xscreensaver, Copyright (c) 2012-2018 Jamie Zawinski <jwz@jwz.org>
  *
  * Permission to use, copy, modify, distribute, and sell this software and its
  * documentation for any purpose is hereby granted without fee, provided that
@@ -311,11 +311,13 @@ textclient_strip_html (const char *html)
   int comment = 0;
   int white = 0;
   int nl = 0;
-  char *ret = (char *) malloc ((strlen(html) * 4) + 1);  // room for UTF8
+  int L = strlen(html);
+  char *ret = (char *) malloc ((L * 4) + 1);  // room for UTF8
   char *out = ret;
   *out = 0;
 
   for (const char *in = html; *in; in++) {
+    if (in >= html + L) abort();
     if (comment) {
       if (!strncmp (in, "-->", 3)) {
         comment = 0;
@@ -339,7 +341,7 @@ textclient_strip_html (const char *html)
         white = 1;
       }
     } else if (*in == ' ' || *in == '\t' || *in == '\r' || *in == '\n') {
-      if (!white && out != html)
+      if (!white && out != ret)
         *out++ = ' ';
       white = 1;
     } else {
@@ -552,7 +554,8 @@ strip_wiki (char *text)
 static char *
 textclient_strip_rss (const char *rss)
 {
-  char *ret = malloc (strlen(rss) * 4 + 1);  // room for UTF8
+  int L = strlen(rss);
+  char *ret = malloc (L * 4 + 1);  // room for UTF8
   char *out = ret;
   const char *a = 0, *b = 0, *c = 0, *d = 0, *t = 0;
   int head = 1;
@@ -561,6 +564,7 @@ textclient_strip_rss (const char *rss)
 
   *out = 0;
   for (const char *in = rss; *in; in++) {
+    if (in >= rss + L) abort();
     if (*in == '<') {
       if (!strncasecmp (in, "<item", 5) ||	// New item, dump.
           !strncasecmp (in, "<entry", 6)) {
@@ -592,6 +596,8 @@ textclient_strip_rss (const char *rss)
           out += strlen (out);
         }
 
+        if (done) break;
+
       } else if (head) {   // still before first <item>
         ;
       } else if (!strncasecmp (in, "<title", 6)) {
-- 
cgit v1.2.3-55-g7522