diff options
| -rw-r--r-- | doc/NEWS | 3 | ||||
| -rw-r--r-- | src/item.cc | 2 | ||||
| -rw-r--r-- | test/regress/1722.test | 12 |
3 files changed, 16 insertions, 1 deletions
@@ -42,6 +42,9 @@ - Do not parse user-specified init-file twice +- Fix parsing issue of effective dates (bug #1722, TALOS-2017-0303, + CVE-2017-2807) + - Python: Removed double quotes from Unicode values. - Python: Ensure that parse errors produce useful RuntimeErrors diff --git a/src/item.cc b/src/item.cc index bd025c52..7132103e 100644 --- a/src/item.cc +++ b/src/item.cc @@ -152,7 +152,7 @@ void item_t::parse_tags(const char * p, if (const char * b = std::strchr(p, '[')) { if (*(b + 1) != '\0' && (std::isdigit(*(b + 1)) || *(b + 1) == '=')) { - if (const char * e = std::strchr(p, ']')) { + if (const char * e = std::strchr(b, ']')) { char buf[256]; std::strncpy(buf, b + 1, static_cast<std::size_t>(e - b - 1)); buf[e - b - 1] = '\0'; diff --git a/test/regress/1722.test b/test/regress/1722.test new file mode 100644 index 00000000..432a19b2 --- /dev/null +++ b/test/regress/1722.test @@ -0,0 +1,12 @@ + +2003/12/20 Organic Co-op + Expenses:Food:Groceries $ 37.50 ; ] [=2004/01/01] + Assets:Cash $-37.50 + +test bal + $ -37.50 Assets:Cash + $ 37.50 Expenses:Food:Groceries +-------------------- + 0 +end test + |