prevent infinite loop on unterminated entity declaration at end of stream

author: Asmir Mustafic <[email protected]> 2020-02-06 11:24:55 +0100
committer: Asmir Mustafic <[email protected]> 2020-02-06 12:28:31 +0100
commit: 21eeaf0a6044318c0fe42e4487e84dcb853af490 (patch)
tree: 92f4ad53fe2c08c0f8591049882f6013b0830d07 /src
parent: 104443ad663d15981225f99532ba73c2f1d6b6f2 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/src/HTML5/Parser/Tokenizer.php b/src/HTML5/Parser/Tokenizer.php
index f4e9652..0fd1ee7 100644
--- a/src/HTML5/Parser/Tokenizer.php
+++ b/src/HTML5/Parser/Tokenizer.php
@@ -1111,6 +1111,13 @@ class Tokenizer
         if ('#' === $tok) {
             $tok = $this->scanner->next();
 
+            if (false === $tok) {
+                $this->parseError('Expected &#DEC; &#HEX;, got EOF');
+                $this->scanner->unconsume(1);
+
+                return '&';
+            }
+
             // Hexidecimal encoding.
             // X[0-9a-fA-F]+;
             // x[0-9a-fA-F]+;
author	Asmir Mustafic <[email protected]>	2020-02-06 11:24:55 +0100
committer	Asmir Mustafic <[email protected]>	2020-02-06 12:28:31 +0100
commit	21eeaf0a6044318c0fe42e4487e84dcb853af490 (patch)
tree	92f4ad53fe2c08c0f8591049882f6013b0830d07 /src
parent	104443ad663d15981225f99532ba73c2f1d6b6f2 (diff)