From 21eeaf0a6044318c0fe42e4487e84dcb853af490 Mon Sep 17 00:00:00 2001
From: Asmir Mustafic <goetas@gmail.com>
Date: Thu, 6 Feb 2020 11:24:55 +0100
Subject: prevent infinite loop on unterminated entity declaration at end of
 stream

---
 src/HTML5/Parser/Tokenizer.php | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/HTML5')

diff --git a/src/HTML5/Parser/Tokenizer.php b/src/HTML5/Parser/Tokenizer.php
index f4e9652..0fd1ee7 100644
--- a/src/HTML5/Parser/Tokenizer.php
+++ b/src/HTML5/Parser/Tokenizer.php
@@ -1111,6 +1111,13 @@ class Tokenizer
         if ('#' === $tok) {
             $tok = $this->scanner->next();
 
+            if (false === $tok) {
+                $this->parseError('Expected &#DEC; &#HEX;, got EOF');
+                $this->scanner->unconsume(1);
+
+                return '&';
+            }
+
             // Hexidecimal encoding.
             // X[0-9a-fA-F]+;
             // x[0-9a-fA-F]+;
-- 
cgit v1.2.3