Don't skip past zero byte in profile parsing

In parse_quoted_string(), only process an escape sequence if there is a second character after the backlash, to avoid reading past the terminating zero byte. Reported by Lutz Justen. (cherry picked from commit a449bfc16c32019fec8b4deea963a3e474b0d14d) ticket: 8825 version_fixed: 1.17.1
author: Greg Hudson <ghudson@mit.edu> 2019-08-14 11:46:14 -0400
committer: Greg Hudson <ghudson@mit.edu> 2019-12-09 17:02:52 -0500
commit: ec12007a9b0c048e304715cbe07b13338cbfac11 (patch)
tree: 1e2877c072b137c744a05979a59319679a2b3830
parent: 0d7f29a6cbd4ba2b485a1dc7a0dd01ebeb7458f5 (diff)
download: krb5-ec12007a9b0c048e304715cbe07b13338cbfac11.zip
krb5-ec12007a9b0c048e304715cbe07b13338cbfac11.tar.gz
krb5-ec12007a9b0c048e304715cbe07b13338cbfac11.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/util/profile/prof_parse.c b/src/util/profile/prof_parse.c
index 531e4a0..7ba44ac 100644
--- a/src/util/profile/prof_parse.c
+++ b/src/util/profile/prof_parse.c
@@ -48,7 +48,7 @@ static void parse_quoted_string(char *str)
     char *to, *from;
 
     for (to = from = str; *from && *from != '"'; to++, from++) {
-        if (*from == '\\') {
+        if (*from == '\\' && *(from + 1) != '\0') {
             from++;
             switch (*from) {
             case 'n':
author	Greg Hudson <ghudson@mit.edu>	2019-08-14 11:46:14 -0400
committer	Greg Hudson <ghudson@mit.edu>	2019-12-09 17:02:52 -0500
commit	ec12007a9b0c048e304715cbe07b13338cbfac11 (patch)
tree	1e2877c072b137c744a05979a59319679a2b3830
parent	0d7f29a6cbd4ba2b485a1dc7a0dd01ebeb7458f5 (diff)
download	krb5-ec12007a9b0c048e304715cbe07b13338cbfac11.zip krb5-ec12007a9b0c048e304715cbe07b13338cbfac11.tar.gz krb5-ec12007a9b0c048e304715cbe07b13338cbfac11.tar.bz2