From ebf8e996becaa6488e2d1e6073db0d3da5971beb Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 8 Feb 2021 10:59:23 +0100
Subject: [PATCH] decompress_iob(): Don't advance cur past eod

... when looking for the end of the file name and comment.

I could not come up with a test case where the previous
behaviour resulted in reading of uninitialized data but
advancing past eod still seems wrong.
---
 parsers.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/parsers.c b/parsers.c
index f905c92a..999c715e 100644
--- a/parsers.c
+++ b/parsers.c
@@ -634,14 +634,14 @@ jb_err decompress_iob(struct client_state *csp)
          if (flags & GZIP_FLAG_FILE_NAME)
          {
             /* A null-terminated string is supposed to follow. */
-            while (*cur++ && (cur < csp->iob->eod));
+            while ((cur < csp->iob->eod) && *cur++);
          }
 
          /* Skip the comment if necessary. */
          if (flags & GZIP_FLAG_COMMENT)
          {
             /* A null-terminated string is supposed to follow. */
-            while (*cur++ && (cur < csp->iob->eod));
+            while ((cur < csp->iob->eod) && *cur++);
          }
 
          /* Skip the CRC if necessary. */
-- 
2.39.2