From 31c419516e8e4d0c91d5e718072d81b7e7daf577 Mon Sep 17 00:00:00 2001
From: Dinesh Babu <babud@juniper.net>
Date: Thu, 19 Sep 2019 15:04:51 +0530
Subject: [PATCH] Check allocated memory length before moving pointer

---
 libslax/slaxlexer.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libslax/slaxlexer.c b/libslax/slaxlexer.c
index fc330990..4fa41e19 100644
--- a/libslax/slaxlexer.c
+++ b/libslax/slaxlexer.c
@@ -1099,6 +1099,10 @@ slaxLexer (slax_data_t *sdp)
 	     * need to read some more, if the string is long.
 	     */
 	    sdp->sd_cur += 1;	/* Move past the first quote */
+	    if (sdp->sd_cur == sdp->sd_len) {
+		if (slaxGetInput(sdp, 0))
+		    return -1;
+	    }
 	    while (((unsigned char *) sdp->sd_buf)[sdp->sd_cur] != ch1) {
 		int bump = (sdp->sd_buf[sdp->sd_cur] == '\\') ? 1 : 0;