From a73701aec2ef222afc04e9e7f573dd744694f951 Mon Sep 17 00:00:00 2001
From: Hans Leidekker <hans@codeweavers.com>
Date: Wed, 6 Apr 2016 15:55:53 +0200
Subject: [PATCH] webservices: Reset the read position if an opening bracket is
 not followed by a valid name character.

Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/webservices/reader.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/dlls/webservices/reader.c b/dlls/webservices/reader.c
index f12c1188594..eb16427208d 100644
--- a/dlls/webservices/reader.c
+++ b/dlls/webservices/reader.c
@@ -919,6 +919,11 @@ static inline void read_skip( struct reader *reader, unsigned int count )
     reader->read_pos += count;
 }
 
+static inline void read_rewind( struct reader *reader, unsigned int count )
+{
+    reader->read_pos -= count;
+}
+
 static inline BOOL read_isnamechar( unsigned int ch )
 {
     /* FIXME: incomplete */
@@ -1179,6 +1184,11 @@ static HRESULT read_element( struct reader *reader )
 
     if (read_cmp( reader, "<", 1 )) goto error;
     read_skip( reader, 1 );
+    if (!read_isnamechar( read_utf8_char( reader, &skip )))
+    {
+        read_rewind( reader, 1 );
+        goto error;
+    }
 
     start = read_current_ptr( reader );
     for (;;)