From f2ecb816129add5b30fda1aad28c89ac7964e5fb Mon Sep 17 00:00:00 2001
From: Manos Pitsidianakis <el13635@mail.ntua.gr>
Date: Wed, 6 May 2020 18:47:37 +0300
Subject: [PATCH] parser: fix panic on invalid input

Found with cargo-fuzz
---
 melib/src/email/parser.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/melib/src/email/parser.rs b/melib/src/email/parser.rs
index 3240d5c6..5d5b2aca 100644
--- a/melib/src/email/parser.rs
+++ b/melib/src/email/parser.rs
@@ -190,6 +190,9 @@ fn header_with_val(input: &[u8]) -> IResult<&[u8], (&[u8], &[u8])> {
             return IResult::Error(error_code!(ErrorKind::Custom(43)));
         }
     }
+    if ptr >= input.len() {
+        return IResult::Error(error_code!(ErrorKind::Custom(43)));
+    }
     while input[ptr] == b' ' || input[ptr] == b'\t' {
         ptr += 1;
         if ptr >= input.len() {
@@ -227,7 +230,7 @@ fn header_without_val(input: &[u8]) -> IResult<&[u8], (&[u8], &[u8])> {
             return IResult::Error(error_code!(ErrorKind::Custom(43)));
         }
     }
-    if name.is_empty() {
+    if name.is_empty() || input.len() <= ptr {
         return IResult::Error(error_code!(ErrorKind::Custom(43)));
     }
     if input[ptr] == b':' {
@@ -937,6 +940,9 @@ pub fn phrase(input: &[u8], multiline: /* preserve newlines */ bool) -> IResult<
                 .unwrap_or_else(|| ascii_s + input[ascii_s..].len());
             ptr = ascii_e;
         }
+        if ascii_s >= ascii_e {
+            return IResult::Error(error_code!(ErrorKind::Custom(43)));
+        }
 
         acc.extend(
             ascii_token(&input[ascii_s..ascii_e])