diff options
author | Asmir Mustafic <[email protected]> | 2020-02-06 11:24:55 +0100 |
---|---|---|
committer | Asmir Mustafic <[email protected]> | 2020-02-06 12:28:31 +0100 |
commit | 21eeaf0a6044318c0fe42e4487e84dcb853af490 (patch) | |
tree | 92f4ad53fe2c08c0f8591049882f6013b0830d07 /src | |
parent | 104443ad663d15981225f99532ba73c2f1d6b6f2 (diff) |
prevent infinite loop on unterminated entity declaration at end of stream
Diffstat (limited to 'src')
-rw-r--r-- | src/HTML5/Parser/Tokenizer.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/HTML5/Parser/Tokenizer.php b/src/HTML5/Parser/Tokenizer.php index f4e9652..0fd1ee7 100644 --- a/src/HTML5/Parser/Tokenizer.php +++ b/src/HTML5/Parser/Tokenizer.php @@ -1111,6 +1111,13 @@ class Tokenizer if ('#' === $tok) { $tok = $this->scanner->next(); + if (false === $tok) { + $this->parseError('Expected &#DEC; &#HEX;, got EOF'); + $this->scanner->unconsume(1); + + return '&'; + } + // Hexidecimal encoding. // X[0-9a-fA-F]+; // x[0-9a-fA-F]+; |