diff --git a/sys/uri_parser/uri_parser.c b/sys/uri_parser/uri_parser.c index 294c6d92cb..a300cd4d51 100644 --- a/sys/uri_parser/uri_parser.c +++ b/sys/uri_parser/uri_parser.c @@ -75,9 +75,16 @@ void _consume_userinfo(uri_parser_result_t *result, char *uri, if (userinfo_end) { result->userinfo = uri; result->userinfo_len = userinfo_end - uri; - /* shift host part beyond userinfo and '@' */ - result->host += result->userinfo_len + 1; - result->host_len -= result->userinfo_len + 1; + + /* shift host part beyond userinfo and '@', but only if possible */ + unsigned offset = result->userinfo_len + 1; + if ((result->host + offset) > authority_end) { + result->host_len = 0; + return; + } + + result->host_len -= offset; + result->host += offset; } } @@ -125,6 +132,11 @@ static char *_consume_authority(uri_parser_result_t *result, char *uri, /* consume userinfo, if available */ _consume_userinfo(result, uri, authority_end); + /* host is empty */ + if (result->host_len == 0) { + return authority_end; + } + char *ipv6_end = NULL; /* validate IPv6 form */ if (result->host[0] == '[') {