[evolution-data-server] Fix possible invalid read when checking citation depth

[Milan Crha <mcrha src gnome org>]

commit 8a5cc4b8232ec31696d98dfe67d42c790e12fc8b
Author: Milan Crha <mcrha redhat com>
Date:   Thu Jan 27 19:30:00 2011 +0100

    Fix possible invalid read when checking citation depth

 camel/camel-mime-filter-tohtml.c |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/camel/camel-mime-filter-tohtml.c b/camel/camel-mime-filter-tohtml.c
index 85e31b7..c397010 100644
--- a/camel/camel-mime-filter-tohtml.c
+++ b/camel/camel-mime-filter-tohtml.c
@@ -122,7 +122,7 @@ append_string_verbatim (CamelMimeFilter *mime_filter,
 }
 
 static gint
-citation_depth (const gchar *in)
+citation_depth (const gchar *in, const gchar *inend)
 {
 	register const gchar *inptr = in;
 	gint depth = 1;
@@ -136,11 +136,11 @@ citation_depth (const gchar *in)
 		return 0;
 #endif
 
-	while (*inptr != '\n') {
+	while (inptr < inend && *inptr != '\n') {
 		if (*inptr == ' ')
 			inptr++;
 
-		if (*inptr++ != '>')
+		if (inptr >= inend || *inptr++ != '>')
 			break;
 
 		depth++;
@@ -285,7 +285,7 @@ html_convert (CamelMimeFilter *mime_filter,
 		depth = 0;
 
 		if (priv->flags & CAMEL_MIME_FILTER_TOHTML_MARK_CITATION) {
-			if ((depth = citation_depth (start)) > 0) {
+			if ((depth = citation_depth (start, inend)) > 0) {
 				/* FIXME: we could easily support multiple color depths here */
 
 				outptr = check_size (mime_filter, outptr, &outend, 25);