mirror of
https://gitlab.gnome.org/GNOME/libxml2.git
synced 2025-07-28 00:21:53 +03:00
592430 - HTML parser runs into endless loop
* HTMLparser.c: fix the problem with detection erroring absolutely, and properly popping up the stack when in EOF, also passes XML_PARSE_HUGE when decoding options.
This commit is contained in:
Daniel Veillard
38
HTMLparser.c
38
HTMLparser.c
@ -59,7 +59,7 @@ static void htmlParseComment(htmlParserCtxtPtr ctxt);
|
||||
|
||||
/************************************************************************
|
||||
* *
|
||||
* Some factorized error routines *
|
||||
* Some factorized error routines *
|
||||
* *
|
||||
************************************************************************/
|
||||
|
||||
@ -147,7 +147,7 @@ htmlParseErrInt(xmlParserCtxtPtr ctxt, xmlParserErrors error,
|
||||
|
||||
/************************************************************************
|
||||
* *
|
||||
* Parser stacks related functions and macros *
|
||||
* Parser stacks related functions and macros *
|
||||
* *
|
||||
************************************************************************/
|
||||
|
||||
@ -525,7 +525,7 @@ htmlSkipBlankChars(xmlParserCtxtPtr ctxt) {
|
||||
|
||||
/************************************************************************
|
||||
* *
|
||||
* The list of HTML elements and their properties *
|
||||
* The list of HTML elements and their properties *
|
||||
* *
|
||||
************************************************************************/
|
||||
|
||||
@ -1107,7 +1107,7 @@ static int htmlStartCloseIndexinitialized = 0;
|
||||
|
||||
/************************************************************************
|
||||
* *
|
||||
* functions to handle HTML specific data *
|
||||
* functions to handle HTML specific data *
|
||||
* *
|
||||
************************************************************************/
|
||||
|
||||
@ -1474,12 +1474,12 @@ htmlIsScriptAttribute(const xmlChar *name) {
|
||||
unsigned int i;
|
||||
|
||||
if (name == NULL)
|
||||
return(0);
|
||||
return(0);
|
||||
/*
|
||||
* all script attributes start with 'on'
|
||||
*/
|
||||
if ((name[0] != 'o') || (name[1] != 'n'))
|
||||
return(0);
|
||||
return(0);
|
||||
for (i = 0;
|
||||
i < sizeof(htmlScriptAttributes)/sizeof(htmlScriptAttributes[0]);
|
||||
i++) {
|
||||
@ -1491,7 +1491,7 @@ htmlIsScriptAttribute(const xmlChar *name) {
|
||||
|
||||
/************************************************************************
|
||||
* *
|
||||
* The list of HTML predefined entities *
|
||||
* The list of HTML predefined entities *
|
||||
* *
|
||||
************************************************************************/
|
||||
|
||||
@ -3519,6 +3519,8 @@ htmlParseStartTag(htmlParserCtxtPtr ctxt) {
|
||||
int i;
|
||||
int discardtag = 0;
|
||||
|
||||
if (ctxt->instate == XML_PARSER_EOF)
|
||||
return(-1);
|
||||
if ((ctxt == NULL) || (ctxt->input == NULL)) {
|
||||
htmlParseErr(ctxt, XML_ERR_INTERNAL_ERROR,
|
||||
"htmlParseStartTag: context error\n", NULL, NULL);
|
||||
@ -3537,7 +3539,8 @@ htmlParseStartTag(htmlParserCtxtPtr ctxt) {
|
||||
"htmlParseStartTag: invalid element name\n",
|
||||
NULL, NULL);
|
||||
/* Dump the bogus tag like browsers do */
|
||||
while ((IS_CHAR_CH(CUR)) && (CUR != '>'))
|
||||
while ((IS_CHAR_CH(CUR)) && (CUR != '>') &&
|
||||
(ctxt->instate != XML_PARSER_EOF))
|
||||
NEXT;
|
||||
return -1;
|
||||
}
|
||||
@ -3910,6 +3913,10 @@ htmlParseContent(htmlParserCtxtPtr ctxt) {
|
||||
long cons = ctxt->nbChars;
|
||||
|
||||
GROW;
|
||||
|
||||
if (ctxt->instate == XML_PARSER_EOF)
|
||||
break;
|
||||
|
||||
/*
|
||||
* Our tag or one of it's parent or children is ending.
|
||||
*/
|
||||
@ -3932,7 +3939,7 @@ htmlParseContent(htmlParserCtxtPtr ctxt) {
|
||||
"htmlParseStartTag: invalid element name\n",
|
||||
NULL, NULL);
|
||||
/* Dump the bogus tag like browsers do */
|
||||
while ((IS_CHAR_CH(CUR)) && (CUR != '>'))
|
||||
while ((IS_CHAR_CH(CUR)) && (CUR != '>'))
|
||||
NEXT;
|
||||
|
||||
if (currentNode != NULL)
|
||||
@ -4073,6 +4080,9 @@ htmlParseElement(htmlParserCtxtPtr ctxt) {
|
||||
int depth;
|
||||
const xmlChar *oldptr;
|
||||
|
||||
if (ctxt->instate == XML_PARSER_EOF)
|
||||
return;
|
||||
|
||||
if ((ctxt == NULL) || (ctxt->input == NULL)) {
|
||||
htmlParseErr(ctxt, XML_ERR_INTERNAL_ERROR,
|
||||
"htmlParseElement: context error\n", NULL, NULL);
|
||||
@ -4570,7 +4580,7 @@ htmlCreateDocParserCtxt(const xmlChar *cur, const char *encoding) {
|
||||
#ifdef LIBXML_PUSH_ENABLED
|
||||
/************************************************************************
|
||||
* *
|
||||
* Progressive parsing interfaces *
|
||||
* Progressive parsing interfaces *
|
||||
* *
|
||||
************************************************************************/
|
||||
|
||||
@ -5185,7 +5195,7 @@ htmlParseTryOrFinish(htmlParserCtxtPtr ctxt, int terminate) {
|
||||
(in->cur[2] == '-') && (in->cur[3] == '-')) {
|
||||
if ((!terminate) &&
|
||||
(htmlParseLookupSequence(
|
||||
ctxt, '-', '-', '>', 1, 1) < 0))
|
||||
ctxt, '-', '-', '>', 1, 1) < 0))
|
||||
goto done;
|
||||
#ifdef DEBUG_PUSH
|
||||
xmlGenericError(xmlGenericErrorContext,
|
||||
@ -5922,7 +5932,7 @@ htmlNodeStatus(const htmlNodePtr node, int legacy) {
|
||||
* current scope
|
||||
*/
|
||||
#define DICT_FREE(str) \
|
||||
if ((str) && ((!dict) || \
|
||||
if ((str) && ((!dict) || \
|
||||
(xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \
|
||||
xmlFree((char *)(str));
|
||||
|
||||
@ -6064,6 +6074,10 @@ htmlCtxtUseOptions(htmlParserCtxtPtr ctxt, int options)
|
||||
ctxt->options |= HTML_PARSE_COMPACT;
|
||||
options -= HTML_PARSE_COMPACT;
|
||||
}
|
||||
if (options & XML_PARSE_HUGE) {
|
||||
ctxt->options |= XML_PARSE_HUGE;
|
||||
options -= XML_PARSE_HUGE;
|
||||
}
|
||||
ctxt->dictNames = 0;
|
||||
return (options);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user