Fix parsing issue involving effective dates

Cory Duplantis reported that "A specially crafted journal file can
cause [an] integer underflow resulting in code execution".  Cory
provided this test case:

    Expenses:Food:Groceries             $ 37.50  ; ] [=2004/01/01]

Note the ] that comes before [ after the ;.

This issue was reported and described in great detail by Cory Duplantis
of Cisco Talos.  This issue is known as TALOS-2017-0303 and has been
assigned CVE-2017-2807.  Cory's description can be found at
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303

Fixes #1722

1 files changed, 1 insertions, 1 deletions

diff --git a/src/item.cc b/src/item.cc
index bd025c52..7132103e 100644
--- a/src/item.cc
+++ b/src/item.cc
@@ -152,7 +152,7 @@ void item_t::parse_tags(const char * p,
     if (const char * b = std::strchr(p, '[')) {
       if (*(b + 1) != '\0' &&
           (std::isdigit(*(b + 1)) || *(b + 1) == '=')) {
-        if (const char * e = std::strchr(p, ']')) {
+        if (const char * e = std::strchr(b, ']')) {
           char buf[256];
           std::strncpy(buf, b + 1, static_cast<std::size_t>(e - b - 1));
           buf[e - b - 1] = '\0';