[PATCH 3/4] Don't crash on loading tags longer than 127 chars

Anton Lundin glance at acc.umu.se
Wed Dec 11 12:21:51 UTC 2013


We didn't enforce a limit on tag length, but we would crash on a tag
longer than 127 chars.
This uses the XML buffer as scratch space. I'm not sure that is acceptable, but it appears to work.

Signed-off-by: Anton Lundin <glance at acc.umu.se>
---
 parse-xml.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/parse-xml.c b/parse-xml.c
index 633b448..52abf89 100644
--- a/parse-xml.c
+++ b/parse-xml.c
@@ -218,7 +218,6 @@ enum ParseState {FINDSTART, FINDEND};
 static void divetags(char *buffer, void *_tags)
 {
 	struct tag_entry *tags = _tags;
-	char tag[128];
 	int i = 0, start = 0, end = 0;
 	enum ParseState state = FINDEND;
 	i=0;
@@ -230,10 +229,9 @@ static void divetags(char *buffer, void *_tags)
 				/* Found end of tag */
 				if (i > 1) {
 					if(buffer[i-1] != '\\') {
-						strncpy(tag, buffer+start, end-start+1);
-						tag[end-start+1] = '\0';
+						buffer[end-start+1] = '\0';
 						state=FINDSTART;
-						taglist_add_tag(tags, tag);
+						taglist_add_tag(tags, buffer+start);
 					}
 				} else {
 					state=FINDSTART;
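Review bot: The in-place terminator is written at the wrong offset: `buffer[end-start+1] = '\0'` is the index the old code used inside the separate `tag` copy, but now that the string is terminated inside `buffer` itself the NUL belongs at `buffer[end+1] = '\0'`. For any tag that does not start at offset 0 the NUL lands before the tag's real end, so `taglist_add_tag(tags, buffer+start)` receives either a truncated tag or, when `end-start+1 < start`, a string that is not terminated at `end` and runs on into the rest of the buffer. Tag text comes from the parsed dive-log XML, so this is reachable from untrusted file input, and it is the same spot where the removed `strncpy` into `tag[128]` could overflow the stack. Inserting a NUL mid-scan also changes what any later `strlen(buffer)` sees; if the scan loop, which starts outside this hunk, terminates on `'\0'`, every tag after the first would be skipped — worth confirming. divetags begins and ends outside this hunk.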
@@ -256,9 +254,9 @@ static void divetags(char *buffer, void *_tags)
 	    if (end < start)
 		    end = strlen(buffer)-1;
 	    if (strlen(buffer) > 0) {
-		    strncpy(tag, buffer+start, end-start+1);
-		    tag[end-start+1] = '\0';
-		    taglist_add_tag(tags, tag);
+			buffer[end-start+1] = '\0';
+			state=FINDSTART;
+			taglist_add_tag(tags, buffer+start);
 	    }
     }
 }
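Review bot: `end = strlen(buffer)-1` is measured after the loop may already have written a NUL into `buffer` for an earlier tag, so it no longer describes the trailing tag being handled here; if this path is reached with `start` beyond such a NUL, `end < start` makes `end-start+1` negative and `buffer[end-start+1] = '\0'` writes before the start of the buffer. The offset is also off in the same way as in the loop: the terminator belongs at `buffer[end+1]`, not `buffer[end-start+1]`, since the string now starts at `buffer+start` rather than at `tag[0]`. The safe shape is to take the length once, before any tag is terminated in place, e.g. `size_t len = strlen(buffer);` at the top of divetags (outside this hunk), and use it here instead of re-measuring. The added `state=FINDSTART;` is dead at this point, as nothing reads `state` after the scan, and the three new lines use a different indent from the surrounding ones.
```c
	    if (end < start)
		    end = (int)len - 1;   /* len taken before any NUL was written into buffer */
	    if (len > 0) {
		    buffer[end+1] = '\0';
		    taglist_add_tag(tags, buffer+start);
	    }
```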
-- 
1.8.3.2


