From d9d225e44d6462191a30350d423af47ac33ca59e Mon Sep 17 00:00:00 2001
From: rpointel <rpointel@openbsd.org>
Date: Fri, 29 Jul 2016 18:57:39 +0000
Subject: [PATCH] Fix regression introduced by patch to CVE-2016-0718: Tag
 names were cut off in some cases.

---
 lib/libexpat/lib/xmlparse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/libexpat/lib/xmlparse.c b/lib/libexpat/lib/xmlparse.c
index 3bb80eee27e..2569fef7900 100644
--- a/lib/libexpat/lib/xmlparse.c
+++ b/lib/libexpat/lib/xmlparse.c
@@ -2435,7 +2435,7 @@ doContent(XML_Parser parser,
                        &fromPtr, rawNameEnd,
                        (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1);
             convLen = (int)(toPtr - (XML_Char *)tag->buf);
-            if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
+            if ((fromPtr >= rawNameEnd) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) {
               tag->name.strLen = convLen;
               break;
             }
-- 
2.20.1