diff options
author | Asmir Mustafic <[email protected]> | 2020-02-06 11:24:55 +0100 |
---|---|---|
committer | Asmir Mustafic <[email protected]> | 2020-02-06 12:28:31 +0100 |
commit | 21eeaf0a6044318c0fe42e4487e84dcb853af490 (patch) | |
tree | 92f4ad53fe2c08c0f8591049882f6013b0830d07 | |
parent | 104443ad663d15981225f99532ba73c2f1d6b6f2 (diff) |
prevent infinite loop on unterminated entity declaration at end of stream
-rw-r--r-- | src/HTML5/Parser/Tokenizer.php | 7 | ||||
-rw-r--r-- | test/HTML5/Parser/DOMTreeBuilderTest.php | 8 |
2 files changed, 15 insertions, 0 deletions
diff --git a/src/HTML5/Parser/Tokenizer.php b/src/HTML5/Parser/Tokenizer.php index f4e9652..0fd1ee7 100644 --- a/src/HTML5/Parser/Tokenizer.php +++ b/src/HTML5/Parser/Tokenizer.php @@ -1111,6 +1111,13 @@ class Tokenizer if ('#' === $tok) { $tok = $this->scanner->next(); + if (false === $tok) { + $this->parseError('Expected &#DEC; &#HEX;, got EOF'); + $this->scanner->unconsume(1); + + return '&'; + } + // Hexidecimal encoding. // X[0-9a-fA-F]+; // x[0-9a-fA-F]+; diff --git a/test/HTML5/Parser/DOMTreeBuilderTest.php b/test/HTML5/Parser/DOMTreeBuilderTest.php index b5940c2..00e9a47 100644 --- a/test/HTML5/Parser/DOMTreeBuilderTest.php +++ b/test/HTML5/Parser/DOMTreeBuilderTest.php @@ -133,6 +133,14 @@ class DOMTreeBuilderTest extends \Masterminds\HTML5\Tests\TestCase </html>', $doc->saveXML()); } + public function testEntityAtEndOfFile() + { + $fragment = $this->parseFragment('&#'); + $this->assertInstanceOf('DOMDocumentFragment', $fragment); + $this->assertSame('&#', $fragment->textContent); + $this->assertEquals('Line 1, Col 2: Expected &#DEC; &#HEX;, got EOF', $this->errors[0]); + } + public function testStrangeCapitalization() { $html = '<!doctype html> |