diff --git a/netwerk/mime/nsMIMEHeaderParamImpl.cpp b/netwerk/mime/nsMIMEHeaderParamImpl.cpp
index 2c42afa487b0..362ff1f6abfd 100644
--- a/netwerk/mime/nsMIMEHeaderParamImpl.cpp
+++ b/netwerk/mime/nsMIMEHeaderParamImpl.cpp
@@ -1238,13 +1238,14 @@ nsresult DecodeRFC2047Str(const char *aHeader, const char *aDefaultCharset,
     if (q[1] != '?')
       goto badsyntax;
 
-    r = q;
-    for (r = q + 2; *r != '?'; r++) {
+    // loop-wise, keep going until we hit "?=".  the inner check handles the
+    //  nul terminator should the string terminate before we hit the right
+    //  marker.  (And the r[1] will never reach beyond the end of the string
+    //  because *r != '?' is true if r is the nul character.)
+    for (r = q + 2; *r != '?' || r[1] != '='; r++) {
       if (*r < ' ') goto badsyntax;
     }
-    if (r[1] != '=')
-        goto badsyntax;
-    else if (r == q + 2) {
+    if (r == q + 2) {
         // it's empty, skip
         begin = r + 2;
         isLastEncodedWord = 1;