From cfba3e1c3b79eb9bb67e8e4959b39e4d9723da60 Mon Sep 17 00:00:00 2001
From: Duncaen <mail@duncano.de>
Date: Mon, 28 Jan 2019 16:24:01 +0100
Subject: mpick: fix off-by-one in parse_string (expression parsing)

---
 NEWS.md | 1 +
 mpick.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/NEWS.md b/NEWS.md
index b5f1fbb..97c172f 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -14,6 +14,7 @@
 * mscan: new flag -v for statistics
 * magrep: add -h, which is like -p but doesn't print the file name
 * mscan: prioritize displaying trashed mail over other markers
+* mpick: fix off-by-one in expression parsing
 * Many bug fixes
 
 ## 0.4 (2018-08-15)
diff --git a/mpick.c b/mpick.c
index b412f8e..1704044 100644
--- a/mpick.c
+++ b/mpick.c
@@ -284,7 +284,7 @@ parse_string(char **s)
 		pos++;
 		while (*pos &&
 		    (*pos != '"' || (*pos == '"' && *(pos+1) == '"'))) {
-			if (len >= bufsiz) {
+			if (len+1 >= bufsiz) {
 				bufsiz = 2*bufsiz + 16;
 				buf = realloc(buf, bufsiz);
 				if (!buf)
-- 
cgit 1.4.1