From f1d44f1b36c2f6767cbace2aeba7d84a0a99d1f0 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Mon, 8 Jun 2020 17:09:41 +0100
Subject: [PATCH] [Minor] Add one more boundary check

---
 src/libserver/html.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libserver/html.c b/src/libserver/html.c
index 16f108ecf0..37c8858bd7 100644
--- a/src/libserver/html.c
+++ b/src/libserver/html.c
@@ -368,7 +368,7 @@ rspamd_html_decode_entitles_inplace (gchar *s, gsize len)
 
 	end = s + l;
 
-	while (h - s < l) {
+	while (h - s < l && t <= h) {
 		switch (state) {
 		/* Out of entity */
 		case 0:
-- 
2.47.3