commit | 500789224b59fa70d6837be5cd1edb8e2f1eccb6 | [log] [tgz] |
---|---|---|
author | Nick Wellnhofer <wellnhofer@aevum.de> | Sun Jul 12 20:28:47 2020 +0200 |
committer | Nick Wellnhofer <wellnhofer@aevum.de> | Mon Jul 13 12:19:24 2020 +0200 |
tree | 71ff66c0a3dd0d12e26a9fc9dec9daf53652609b | |
parent | d6761e706fc5de1f25763d6742864f547940d964 [diff] |
Fix quadratic runtime when parsing HTML script content If htmlParseScript returns upon hitting an invalid character, htmlParseLookupSequence will be called again with checkIndex reset to zero, potentially resulting in quadratic runtime. Make sure that htmlParseScript consumes all input in one go and simply skips over invalid characters similar to htmlParseCharDataInternal. Found by OSS-Fuzz.