From 954696e7cf236c3aa71dc0b7f9e70d3f51e5cb07 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Sun, 7 Feb 2021 13:23:09 +0100
Subject: [PATCH] Fix infinite loop in HTML parser introduced with recent
 commits

Check for XML_PARSER_EOF to avoid an infinite loop introduced with
recent changes to the HTML push parser.

Found by OSS-Fuzz.
---
 HTMLparser.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/HTMLparser.c b/HTMLparser.c
index 2877f4b7..14cc56fa 100644
--- a/HTMLparser.c
+++ b/HTMLparser.c
@@ -5872,7 +5872,8 @@ htmlParseTryOrFinish(htmlParserCtxtPtr ctxt, int terminate) {
 			xmlGenericError(xmlGenericErrorContext,
 				"HPP: Parsing char data\n");
 #endif
-                        while ((cur != '<') && (in->cur < in->end)) {
+                        while ((ctxt->instate != XML_PARSER_EOF) &&
+                               (cur != '<') && (in->cur < in->end)) {
                             if (cur == '&') {
 			        htmlParseReference(ctxt);
                             } else {