The iconv() functions to convert to and from Pilot charset pass
a const char* as the source text, but iconv() expects a char**.
Create a local copy of the const char* and use that.
Also add sanity checks to avoid dereferencing NULL pointers.

--- libpisync/util.c	2006-08-25 14:33:25.000000000 +0200
+++ libpisync/util.c	2016-12-20 14:55:18.996691848 +0100
@@ -104,24 +104,44 @@
 		    int bytes, char **ptext, const char * pi_charset)
 {
 #ifdef HAVE_ICONV
+	char*	ib;
 	char*	ob;
 	iconv_t cd;
-	size_t 	ibl, obl;
+	size_t 	tbl, ibl, obl;
+
+	if(NULL==text){
+		return -1;
+	}
+	tbl	= strlen(text) + 1;
+	ib	= calloc(tbl, sizeof(char));
+	if(NULL==ib){
+		return -1;
+	}
+	memcpy(ib, text, tbl);
 
 	if(NULL==pi_charset){
 		pi_charset = PILOT_CHARSET;
 	}
-
 	cd = iconv_open(pi_charset, charset);
-	if (cd==(iconv_t)-1)
+	if (cd==(iconv_t)-1) {
+		free(ib);
 		return -1;
+	}
 
 	ibl 	= bytes;
 	obl 	= bytes * 4 + 1;
 	*ptext 	= ob = malloc(obl);
+	if(NULL==ob){
+		free(ib);
+		return -1;
+	}
 	
-	if (iconv(cd, &text, &ibl, &ob, &obl) == (size_t)-1)
+	if (iconv(cd, &ib, &ibl, &ob, &obl) == (size_t)-1) {
+		free(ib);
+		free(ob);
 		return -1;
+	}
+	free(ib);
 	*ob = '\0';
 
 	iconv_close(cd);
@@ -195,24 +215,44 @@
 		      int bytes, char **text, const char * pi_charset)
 {
 #ifdef HAVE_ICONV
+	char*	ib;
 	char*	ob;
 	iconv_t cd;
-	size_t 	ibl, obl;
+	size_t 	tbl, ibl, obl;
+
+	if(NULL==ptext){
+		return -1;
+	}
+	tbl	= strlen(ptext) + 1;
+	ib	= calloc(tbl, sizeof(char));
+	if(NULL==ib){
+		return -1;
+	}
+	memcpy(ib, ptext, tbl);
 
 	if(NULL==pi_charset){
 		pi_charset = PILOT_CHARSET;
 	}
-
 	cd = iconv_open(charset, pi_charset);
-	if (cd==(iconv_t)-1)
+	if (cd==(iconv_t)-1) {
+		free(ib);
 		return -1;
+	}
 
 	ibl 	= bytes;
 	obl 	= bytes * 4 + 1;
 	*text 	= ob = malloc(obl);
+	if(NULL==ob){
+		free(ib);
+		return -1;
+	}
 	
-	if (iconv(cd, &ptext, &ibl, &ob, &obl) == (size_t)-1)
+	if (iconv(cd, &ib, &ibl, &ob, &obl) == (size_t)-1) {
+		free(ib);
+		free(ob);
 		return -1;
+	}
+	free(ib);
 	*ob = '\0';
 
 	iconv_close(cd);