From 38d6a34dd282abfa10f7d083a3f8161f0649acea Mon Sep 17 00:00:00 2001
From: =?utf8?q?Michael=20G=C3=B6hler?= <github@nixhub.de>
Date: Wed, 27 Dec 2017 22:48:39 +0100
Subject: [PATCH] fixed heap-buffer-overflow in url_count_inline, fixes #122

---
 src/url.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/url.c b/src/url.c
index 0e49b49..da21a57 100644
--- a/src/url.c
+++ b/src/url.c
@@ -165,7 +165,7 @@ int url_count_inline(const wchar_t *line) {
     for (; *i; i++) {
         if (*i == '\\') {
             i++;
-        } else if ( *i == '[' && *(i+1) != ']') {
+        } else if ( *i == '[' && *(i+1) && *(i+1) != ']') {
             while (*i && *i != ']') i++;
             i++;
             if (*i == '(' && wcschr(i, ')')) {
@@ -185,7 +185,7 @@ int url_len_inline(const wchar_t *value) {
     for (; *i; i++) {
         if (*i == '\\') {
             i++;
-        } else if ( *i == '[' && *(i+1) != ']') {
+        } else if ( *i == '[' && *(i+1) && *(i+1) != ']') {
             while (*i && *i != ']') i++;
             i++;
             if (*i == '(' && wcschr(i, ')')) {
-- 
2.20.1