From fa92db5480c9171abd5a0d425354aa2ff58f9d5e Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Fri, 3 Mar 2023 22:35:29 +0000
Subject: [PATCH] Fix heap overflow when reading config.

This catches an error case where the broker would be exiting anyway.

Closes oss-fuzz #56008
---
 src/conf.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/conf.c b/src/conf.c
index 01fdfc42..f1e902b5 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -1073,11 +1073,11 @@ static int config__read_file_core(struct mosquitto__config *config, bool reload,
 						mosquitto__FREE(key);
 						return MOSQ_ERR_INVAL;
 					}
-					token += prefix_len+strlen(key)+1;
-					while(token[0] == ' ' || token[0] == '\t'){
-						token++;
-					}
-					if(token[0]){
+					token = saveptr;
+					if(token && token[0]){
+						while(token[0] == ' ' || token[0] == '\t'){
+							token++;
+						}
 						cur_plugin->config.option_count++;
 						cur_plugin->config.options = mosquitto__realloc(cur_plugin->config.options, (size_t)cur_plugin->config.option_count*sizeof(struct mosquitto_auth_opt));
 						if(!cur_plugin->config.options){