Add test case. Fix Dot3 in read JWT.

src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs

@@ -463,11 +463,10 @@ internal void ReadToken(ReadOnlyMemory<char> encodedTokenMemory)
                 // empty payload for JWE's {encrypted tokens}.
                 Payload = new JsonClaimSet();
 
-                if (Dot3 == encodedTokenSpan.Length) // TODO: Should this be encodedJsonSpan.Length - 1? 
-                    throw LogHelper.LogExceptionMessage(new ArgumentException(LogMessages.IDX14121));
-
                 Dot3 = Dot2 + Dot3 + 1;
-
+                if (Dot3 == encodedTokenSpan.Length - 1)
+                    throw LogHelper.LogExceptionMessage(new SecurityTokenMalformedException(LogMessages.IDX14121));
+
                 Dot4 = encodedTokenSpan.Slice(Dot3 + 1).IndexOf('.');
                 if (Dot4 == -1)
                     throw LogHelper.LogExceptionMessage(new SecurityTokenMalformedException(LogMessages.IDX14121));

test/System.IdentityModel.Tokens.Jwt.Tests/JwtTestData.cs

@@ -60,6 +60,13 @@ public static TheoryData<JwtTheoryData> InvalidNumberOfSegmentsData(IList<string
                 Token = "a"
             });
             theoryData.Add(new JwtTheoryData
+            {
+                CanRead = false,
+                ExpectedException = ExpectedException.SecurityTokenMalformedTokenException(errorStrings[0]),
+                TestId = "a.",
+                Token = "a."
+            });
+            theoryData.Add(new JwtTheoryData
             {
                 CanRead = false,
                 ExpectedException = ExpectedException.SecurityTokenMalformedTokenException(errorStrings[1]),