From 6acda7ad1f834016c9cebea0dd82467db86baeeb Mon Sep 17 00:00:00 2001
From: defanor <defanor@uberspace.net>
Date: Thu, 11 Feb 2021 12:53:29 +0300
Subject: Add stricter checks for '/' and '@' positions in JIDs

---
 src/rexmpp_jid.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/rexmpp_jid.c b/src/rexmpp_jid.c
index 44e2754..f19bd7c 100644
--- a/src/rexmpp_jid.c
+++ b/src/rexmpp_jid.c
@@ -21,11 +21,19 @@ int rexmpp_jid_parse (const char *str, struct rexmpp_jid *jid) {
   /* Find the separators. */
   for (i = 0; i < full_len; i++) {
     if (local_len == 0 && str[i] == '@') {
+      if (i == 0) {
+        /* '@' is in the very beginning, an error. */
+        return -1;
+      }
       local_len = i;
       domain_len -= local_len + 1;
       domain = str + i + 1;
     }
     if (str[i] == '/') {
+      if (i == full_len - 1) {
+        /* '/' is in the end, that's an error. */
+        return -1;
+      }
       resource_len = full_len - i - 1;
       domain_len -= resource_len + 1;
       bare_len -= resource_len + 1;
-- 
cgit v1.2.3