1 files changed, 16 insertions, 4 deletions

diff --git a/pom.c b/pom.c
index dadcece..37afeca 100644
--- a/pom.c
+++ b/pom.c
@@ -690,15 +690,19 @@ parse_escape_sequence(struct parser *parser, const char **p_str) {
 	case 'u': {
 		if (*str++ != '{') goto invalid_sequence;
 		uint_fast32_t value = 0;
-		char c;
-		while ((c = *str++) != '}') {
+		int i;
+		for (i = 0; i < 7; i++) {
+			char c = *str++;
+			if (c == '}') break;
+			if (i == 6)
+				goto invalid_sequence; // too long
 			int digit = parse_hex_digit(c);
 			if (digit < 0) goto invalid_sequence;
 			value <<= 4;
 			value |= digit;
 			if (value > 0x10ffff) goto invalid_sequence;
 		}
-		if (value >= 0xd800 && value <= 0xdfff)
+		if (value == 0 || (value >= 0xd800 && value <= 0xdfff))
 			goto invalid_sequence; // utf-16 surrogate
 		if (value < 0x80) {
 			// ASCII
@@ -728,10 +732,18 @@ parse_escape_sequence(struct parser *parser, const char **p_str) {
 
 static void
 parse_quoted_value(struct parser *parser, const char *first_line) {
+	uint64_t start_line_number = parser->line_number;
 	const char *line = first_line;
 	char delimiter = *line++;
 	assert(delimiter == '"' || delimiter == '`');
-	while (!parser->eof && !parser->out_of_memory) {
+	while (!parser->out_of_memory) {
+		if (parser->eof) {
+			uint64_t prev = parser->line_number;
+			parser->line_number = start_line_number;
+			parser_error(parser, ERROR_NO_CLOSING_QUOTE, delimiter);
+			parser->line_number = prev;
+			break;
+		}
 		char c;
 		while ((c = *line++)) {
 			if (c == delimiter) {