mirror of
https://github.com/python/cpython.git
synced 2025-11-24 20:30:18 +00:00
gh-135661: Fix parsing unterminated bogus comments in HTMLParser (GH-137873)
Some checks are pending
Tests / Docs (push) Blocked by required conditions
Tests / Windows MSI (push) Blocked by required conditions
Tests / Hypothesis tests on Ubuntu (push) Blocked by required conditions
Tests / Change detection (push) Waiting to run
Tests / Check if Autoconf files are up to date (push) Blocked by required conditions
Tests / Check if generated files are up to date (push) Blocked by required conditions
Tests / (push) Blocked by required conditions
Tests / Ubuntu SSL tests with OpenSSL (push) Blocked by required conditions
Tests / Ubuntu SSL tests with AWS-LC (push) Blocked by required conditions
Tests / Android (aarch64) (push) Blocked by required conditions
Tests / Android (x86_64) (push) Blocked by required conditions
Tests / WASI (push) Blocked by required conditions
Tests / Address sanitizer (push) Blocked by required conditions
Tests / Sanitizers (push) Blocked by required conditions
Tests / Cross build Linux (push) Blocked by required conditions
Tests / CIFuzz (push) Blocked by required conditions
Tests / All required checks pass (push) Blocked by required conditions
Lint / lint (push) Waiting to run
mypy / Run mypy on Lib/_pyrepl (push) Waiting to run
mypy / Run mypy on Lib/test/libregrtest (push) Waiting to run
mypy / Run mypy on Lib/tomllib (push) Waiting to run
mypy / Run mypy on Tools/build (push) Waiting to run
mypy / Run mypy on Tools/cases_generator (push) Waiting to run
mypy / Run mypy on Tools/clinic (push) Waiting to run
mypy / Run mypy on Tools/jit (push) Waiting to run
mypy / Run mypy on Tools/peg_generator (push) Waiting to run
Some checks are pending
Tests / Docs (push) Blocked by required conditions
Tests / Windows MSI (push) Blocked by required conditions
Tests / Hypothesis tests on Ubuntu (push) Blocked by required conditions
Tests / Change detection (push) Waiting to run
Tests / Check if Autoconf files are up to date (push) Blocked by required conditions
Tests / Check if generated files are up to date (push) Blocked by required conditions
Tests / (push) Blocked by required conditions
Tests / Ubuntu SSL tests with OpenSSL (push) Blocked by required conditions
Tests / Ubuntu SSL tests with AWS-LC (push) Blocked by required conditions
Tests / Android (aarch64) (push) Blocked by required conditions
Tests / Android (x86_64) (push) Blocked by required conditions
Tests / WASI (push) Blocked by required conditions
Tests / Address sanitizer (push) Blocked by required conditions
Tests / Sanitizers (push) Blocked by required conditions
Tests / Cross build Linux (push) Blocked by required conditions
Tests / CIFuzz (push) Blocked by required conditions
Tests / All required checks pass (push) Blocked by required conditions
Lint / lint (push) Waiting to run
mypy / Run mypy on Lib/_pyrepl (push) Waiting to run
mypy / Run mypy on Lib/test/libregrtest (push) Waiting to run
mypy / Run mypy on Lib/tomllib (push) Waiting to run
mypy / Run mypy on Tools/build (push) Waiting to run
mypy / Run mypy on Tools/cases_generator (push) Waiting to run
mypy / Run mypy on Tools/clinic (push) Waiting to run
mypy / Run mypy on Tools/jit (push) Waiting to run
mypy / Run mypy on Tools/peg_generator (push) Waiting to run
Bogus comments that start with "<
Serhiy Storchaka
GitHub
parent
eac37b46d9
commit
7636a66635
2 changed files with 9 additions and 15 deletions
|
|
@ -271,11 +271,8 @@ class HTMLParser(_markupbase.ParserBase):
|
||||||
j -= len(suffix)
|
j -= len(suffix)
|
||||||
break
|
break
|
||||||
self.handle_comment(rawdata[i+4:j])
|
self.handle_comment(rawdata[i+4:j])
|
||||||
elif startswith("<![CDATA[", i):
|
elif startswith("<![CDATA[", i) and self._support_cdata:
|
||||||
if self._support_cdata:
|
self.unknown_decl(rawdata[i+3:])
|
||||||
self.unknown_decl(rawdata[i+3:])
|
|
||||||
else:
|
|
||||||
self.handle_comment(rawdata[i+1:])
|
|
||||||
elif rawdata[i:i+9].lower() == '<!doctype':
|
elif rawdata[i:i+9].lower() == '<!doctype':
|
||||||
self.handle_decl(rawdata[i+2:])
|
self.handle_decl(rawdata[i+2:])
|
||||||
elif startswith("<!", i):
|
elif startswith("<!", i):
|
||||||
|
|
@ -350,15 +347,12 @@ class HTMLParser(_markupbase.ParserBase):
|
||||||
if rawdata[i:i+4] == '<!--':
|
if rawdata[i:i+4] == '<!--':
|
||||||
# this case is actually already handled in goahead()
|
# this case is actually already handled in goahead()
|
||||||
return self.parse_comment(i)
|
return self.parse_comment(i)
|
||||||
elif rawdata[i:i+9] == '<![CDATA[':
|
elif rawdata[i:i+9] == '<![CDATA[' and self._support_cdata:
|
||||||
if self._support_cdata:
|
j = rawdata.find(']]>', i+9)
|
||||||
j = rawdata.find(']]>', i+9)
|
if j < 0:
|
||||||
if j < 0:
|
return -1
|
||||||
return -1
|
self.unknown_decl(rawdata[i+3: j])
|
||||||
self.unknown_decl(rawdata[i+3: j])
|
return j + 3
|
||||||
return j + 3
|
|
||||||
else:
|
|
||||||
return self.parse_bogus_comment(i)
|
|
||||||
elif rawdata[i:i+9].lower() == '<!doctype':
|
elif rawdata[i:i+9].lower() == '<!doctype':
|
||||||
# find the closing >
|
# find the closing >
|
||||||
gtpos = rawdata.find('>', i+9)
|
gtpos = rawdata.find('>', i+9)
|
||||||
|
|
|
||||||
|
|
@ -791,7 +791,7 @@ text
|
||||||
self._run_check('<![CDATA[' + content,
|
self._run_check('<![CDATA[' + content,
|
||||||
[('unknown decl', 'CDATA[' + content)])
|
[('unknown decl', 'CDATA[' + content)])
|
||||||
self._run_check('<![CDATA[' + content,
|
self._run_check('<![CDATA[' + content,
|
||||||
[('comment', '![CDATA[' + content)],
|
[('comment', '[CDATA[' + content)],
|
||||||
collector=EventCollector(autocdata=True))
|
collector=EventCollector(autocdata=True))
|
||||||
self._run_check('<svg><text y="100"><![CDATA[' + content,
|
self._run_check('<svg><text y="100"><![CDATA[' + content,
|
||||||
[('starttag', 'svg', []),
|
[('starttag', 'svg', []),
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue