fixes SER-322:

 - parser sticks in an endless loop when the terminating
   quote mark is missing in a substring: @hf_value["Contact].uri
 - quote mark can be escaped: @hf_value[\"Contact\"].uri

diff --git a/select.c b/select.c
index a87fbb2..1f629f3 100644 (file)
--- a/select.c
+++ b/select.c
@@ -92,11 +92,17 @@ int w_parse_select(char**p, select_t* sel)
                sel->n++;
                if (*(*p)=='[') {
                        (*p)++; 
+                       if (*(*p)=='\\') (*p)++;
                        if (*(*p)=='"') {
                                (*p)++; 
                                name.s=(*p);
-                               while (*(*p)!='"') (*p)++;
+                               while ((*(*p)!='\0') && (*(*p)!='"')) (*p)++;
+                               if (*(*p)!='"') {
+                                       ERR("parse_select: end of string is missing\n");
+                                       goto error;
+                               }
                                name.len=(*p)-name.s;
+                               if (*((*p)-1)=='\\') name.len--;
                                (*p)++;
                                if (*(*p)!=']') {
                                        ERR("parse_select: invalid string index, no closing ]\n");