RubyGems - redcarpet - Versions diffs - 1.3.2 → 1.3.3 - Mend

redcarpet 1.3.2 → 1.3.3

Potentially problematic release.

This version of redcarpet might be problematic. Click here for more details.

Files changed (8) hide show

data/ext/buffer.c CHANGED

@@ -21,9 +21,9 @@
  *
  * BUFFER_STATS • if defined, stats are kept about memory usage
  */
-#define BUFFER_STATS
 #define BUFFER_STDARG
+#define BUFFER_MAX_ALLOC_SIZE (1024 * 1024 * 16) //16mb
 #include "buffer.h"
@@ -153,7 +153,7 @@ int
 bufgrow(struct buf *buf, size_t neosz) {
 	size_t neoasz;
 	void *neodata;
-	if (!buf || !buf->unit) return 0;
+	if (!buf || !buf->unit || neosz > BUFFER_MAX_ALLOC_SIZE) return 0;
 	if (buf->asize >= neosz) return 1;
 	neoasz = buf->asize + buf->unit;
 	while (neoasz < neosz) neoasz += buf->unit;

data/ext/buffer.h CHANGED

@@ -34,8 +34,6 @@ struct buf {
 	size_t	unit;	/* reallocation unit size (0 = read-only buffer) */
 	int	ref; };	/* reference count */
 /**********
  * MACROS *
  **********/

data/ext/markdown.c CHANGED

@@ -600,7 +600,7 @@ char_langle_tag(struct buf *ob, struct render *rndr, char *data, size_t offset,
 	struct buf work = { data, end, 0, 0, 0 };
 	int ret = 0;
-	if (end) {
+	if (end > 2) {
 		if (rndr->make.autolink && altype != MKDA_NOT_AUTOLINK) {
 			work.data = data + 1;
 			work.size = end - 2;
@@ -1001,23 +1001,29 @@ parse_blockquote(struct buf *ob, struct render *rndr, char *data, size_t size)
 	beg = 0;
 	while (beg < size) {
-		for (end = beg + 1; end < size && data[end - 1] != '\n'; end += 1);
+		for (end = beg + 1; end < size && data[end - 1] != '\n'; end++);
 		pre = prefix_quote(data + beg, end - beg);
-		if (pre) beg += pre; /* skipping prefix */
-		else if (is_empty(data + beg, end - beg)
-		&& (end >= size || (prefix_quote(data + end, size - end) == 0
-					&& !is_empty(data + end, size - end))))
-			/* empty line followed by non-quote line */
+		if (pre)
+			beg += pre; /* skipping prefix */
+		/* empty line followed by non-quote line */
+		else if (is_empty(data + beg, end - beg) &&
+				(end >= size || (prefix_quote(data + end, size - end) == 0 &&
+				!is_empty(data + end, size - end))))
 			break;
 		if (beg < end) { /* copy into the in-place working buffer */
 			/* bufput(work, data + beg, end - beg); */
 			if (!work_data)
 				work_data = data + beg;
 			else if (data + beg != work_data + work_size)
-				memmove(work_data + work_size, data + beg,
-						end - beg);
-			work_size += end - beg; }
-		beg = end; }
+				memmove(work_data + work_size, data + beg, end - beg);
+			work_size += end - beg;
+		}
+		beg = end;
+	}
 	parse_block(out, rndr, work_data, work_size);
 	if (rndr->make.blockquote)
@@ -1094,7 +1100,7 @@ parse_paragraph(struct buf *ob, struct render *rndr, char *data, size_t size)
 			while (work.size && data[work.size - 1] == '\n')
 				work.size -= 1;
-			if (work.size) {
+			if (work.size > 0) {
 				struct buf *tmp = 0;
 				if (rndr->work.size < rndr->work.asize) {
@@ -1330,18 +1336,32 @@ parse_atxheader(struct buf *ob, struct render *rndr, char *data, size_t size)
 	size_t i, end, skip;
 	struct buf work = { data, 0, 0, 0, 0 };
-	if (!size || data[0] != '#') return 0;
-	while (level < size && level < 6 && data[level] == '#') level += 1;
-	for (i = level; i < size && (data[i] == ' ' || data[i] == '\t');
-							i += 1);
+	if (!size || data[0] != '#')
+		return 0;
+	while (level < size && level < 6 && data[level] == '#')
+		level++;
+	for (i = level; i < size && (data[i] == ' ' || data[i] == '\t'); i++);
 	work.data = data + i;
-	for (end = i; end < size && data[end] != '\n'; end += 1);
+	for (end = i; end < size && data[end] != '\n'; end++);
 	skip = end;
-	while (end && data[end - 1] == '#') end -= 1;
-	while (end && (data[end - 1] == ' ' || data[end - 1] == '\t')) end -= 1;
-	work.size = end - i;
-	if (rndr->make.header)
-		rndr->make.header(ob, &work, (int)level, &rndr->make.render_options);
+	while (end && data[end - 1] == '#')
+		end--;
+	while (end && (data[end - 1] == ' ' || data[end - 1] == '\t'))
+		end--;
+	if (end > i) {
+		work.size = end - i;
+		if (rndr->make.header)
+			rndr->make.header(ob, &work, (int)level, &rndr->make.render_options);
+	}
 	return skip;
 }

data/ext/xhtml.c CHANGED

@@ -47,12 +47,6 @@ is_safe_link(const char *link, size_t link_len)
 	return 0;
 }
-static inline int
-is_uri_char(char c)
-{
-	return isalnum(c) || strchr("/:$-_.+!*'(),", c) != NULL;
-}
 static inline int
 put_scaped_char(struct buf *ob, char c)
 {
@@ -454,7 +448,7 @@ rndr_normal_text(struct buf *ob, struct buf *text, struct mkd_renderopt *options
 				is_safe_link(text->data + i, text->size - i)) {
 				size_t j = i;
-				while (j < text->size && is_uri_char(text->data[j]))
+				while (j < text->size && !isspace(text->data[j]))
 					j++;
 				rndr_autolink2(ob, &text->data[i], j - i, MKDA_NORMAL);

data/lib/redcarpet.rb CHANGED

@@ -26,7 +26,7 @@
 #   end
 #
 class Redcarpet
-  VERSION = '1.3.2'
+  VERSION = '1.3.3'
   # Original Markdown formatted text.
   attr_reader :text

data/redcarpet.gemspec CHANGED

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'redcarpet'
-  s.version = '1.3.2'
+  s.version = '1.3.3'
   s.summary = "Ruby bindings for libupskirt"
   s.date = '2011-04-06'
   s.email = 'vicent@github.com'

data/test/redcarpet_test.rb CHANGED

@@ -146,4 +146,12 @@ class RedcarpetTest < Test::Unit::TestCase
    This could be more elegant.
     leaks
   end
+  def test_infinite_loop_in_header
+    assert_equal Redcarpet.new(<<-header).to_html.strip, "<h1>Body</h1>"
+######
+#Body#
+######
+    header
+  end
 end

metadata CHANGED

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: redcarpet
 version: !ruby/object:Gem::Version
-  hash: 31
+  hash: 29
   prerelease: false
   segments:
   - 1
   - 3
-  - 2
-  version: 1.3.2
+  - 3
+  version: 1.3.3
 platform: ruby
 authors:
 - "Natacha Port\xC3\xA9"