From ee291e45d6e49ccf9b6cb895cf75730b1e6b079f Mon Sep 17 00:00:00 2001
From: Robin Stuart <rstuart114@gmail.com>
Date: Sat, 15 Feb 2020 21:28:40 +0000
Subject: [PATCH] UPCEAN: Check for multiple + characters in input

Fixes #181 reported by Christian Hartlage
---
 backend/upcean.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/backend/upcean.c b/backend/upcean.c
index 482f1165..2c644f48 100644
--- a/backend/upcean.c
+++ b/backend/upcean.c
@@ -698,7 +698,7 @@ INTERNAL int eanx(struct zint_symbol *symbol, unsigned char source[], int src_le
     unsigned char first_part[20] = {0}, second_part[20] = {0}, dest[1000] = {0};
     unsigned char local_source[20] = {0};
     unsigned int latch, reader, writer, with_addon;
-    int error_number, i;
+    int error_number, i, plus_count;
 
 
     with_addon = FALSE;
@@ -723,6 +723,18 @@ INTERNAL int eanx(struct zint_symbol *symbol, unsigned char source[], int src_le
             return error_number;
         }
     }
+    
+    /* Check for multiple '+' characters */
+    plus_count = 0;
+    for (i = 0; i < src_len; i++) {
+        if (source[i] == '+') {
+            plus_count++;
+        }
+    }
+    if (plus_count > 1) {
+        strcpy(symbol->errtxt, "293: Invalid add-on data");
+        return ZINT_ERROR_INVALID_DATA;
+    }
 
     /* Add leading zeroes */
     ustrcpy(local_source, (unsigned char *) "");