diff options
Diffstat (limited to 'vendor/github.com/tdewolff/parse')
| -rw-r--r-- | vendor/github.com/tdewolff/parse/v2/buffer/lexer.go | 5 | ||||
| -rw-r--r-- | vendor/github.com/tdewolff/parse/v2/common.go | 10 | ||||
| -rw-r--r-- | vendor/github.com/tdewolff/parse/v2/html/lex.go | 3 | ||||
| -rw-r--r-- | vendor/github.com/tdewolff/parse/v2/input.go | 5 |
4 files changed, 13 insertions, 10 deletions
diff --git a/vendor/github.com/tdewolff/parse/v2/buffer/lexer.go b/vendor/github.com/tdewolff/parse/v2/buffer/lexer.go index 46e6bdafd..3c9da22d3 100644 --- a/vendor/github.com/tdewolff/parse/v2/buffer/lexer.go +++ b/vendor/github.com/tdewolff/parse/v2/buffer/lexer.go @@ -2,7 +2,6 @@ package buffer import ( "io" - "io/ioutil" ) var nullBuffer = []byte{0} @@ -18,7 +17,7 @@ type Lexer struct { restore func() } -// NewLexer returns a new Lexer for a given io.Reader, and uses ioutil.ReadAll to read it into a byte slice. +// NewLexer returns a new Lexer for a given io.Reader, and uses io.ReadAll to read it into a byte slice. // If the io.Reader implements Bytes, that is used instead. // It will append a NULL at the end of the buffer. func NewLexer(r io.Reader) *Lexer { @@ -30,7 +29,7 @@ func NewLexer(r io.Reader) *Lexer { b = buffer.Bytes() } else { var err error - b, err = ioutil.ReadAll(r) + b, err = io.ReadAll(r) if err != nil { return &Lexer{ buf: nullBuffer, diff --git a/vendor/github.com/tdewolff/parse/v2/common.go b/vendor/github.com/tdewolff/parse/v2/common.go index e0795304c..1883d1bd4 100644 --- a/vendor/github.com/tdewolff/parse/v2/common.go +++ b/vendor/github.com/tdewolff/parse/v2/common.go @@ -317,9 +317,13 @@ func replaceEntities(b []byte, i int, entitiesMap map[string][]byte, revEntities } } else { for ; j < len(b) && j-i-1 <= MaxEntityLength && b[j] != ';'; j++ { + if !(b[j] >= '0' && b[j] <= '9' || b[j] >= 'a' && b[j] <= 'z' || b[j] >= 'A' && b[j] <= 'Z') { + // invalid character reference character + break + } } - if j <= i+1 || len(b) <= j { - return b, j - 1 + if len(b) <= j || j == i+1 || b[j] != ';' { + return b, i } var ok bool @@ -399,7 +403,7 @@ func ReplaceMultipleWhitespaceAndEntities(b []byte, entitiesMap map[string][]byt if j == 0 { return b } else if j == 1 { // only if starts with whitespace - b[k-1] = b[0] + b[k-1] = b[0] // move newline to end of whitespace return b[k-1:] } else if k < len(b) { j += copy(b[j:], b[k:]) diff --git a/vendor/github.com/tdewolff/parse/v2/html/lex.go b/vendor/github.com/tdewolff/parse/v2/html/lex.go index b24d4dcd2..8774ea264 100644 --- a/vendor/github.com/tdewolff/parse/v2/html/lex.go +++ b/vendor/github.com/tdewolff/parse/v2/html/lex.go @@ -362,7 +362,8 @@ func (l *Lexer) shiftBogusComment() []byte { func (l *Lexer) shiftStartTag() (TokenType, []byte) { for { - if c := l.r.Peek(0); (c < 'a' || 'z' < c) && (c < 'A' || 'Z' < c) && (c < '0' || '9' < c) && c != '-' { + // spec says only a-zA-Z0-9, but we're lenient here + if c := l.r.Peek(0); c == ' ' || c == '>' || c == '/' && l.r.Peek(1) == '>' || c == '\t' || c == '\n' || c == '\r' || c == '\f' || c == 0 && l.r.Err() != nil || 0 < len(l.tmplBegin) && l.at(l.tmplBegin...) { break } l.r.Move(1) diff --git a/vendor/github.com/tdewolff/parse/v2/input.go b/vendor/github.com/tdewolff/parse/v2/input.go index 924f14f0c..586ad7306 100644 --- a/vendor/github.com/tdewolff/parse/v2/input.go +++ b/vendor/github.com/tdewolff/parse/v2/input.go @@ -2,7 +2,6 @@ package parse import ( "io" - "io/ioutil" ) var nullBuffer = []byte{0} @@ -18,7 +17,7 @@ type Input struct { restore func() } -// NewInput returns a new Input for a given io.Input and uses ioutil.ReadAll to read it into a byte slice. +// NewInput returns a new Input for a given io.Input and uses io.ReadAll to read it into a byte slice. // If the io.Input implements Bytes, that is used instead. It will append a NULL at the end of the buffer. func NewInput(r io.Reader) *Input { var b []byte @@ -29,7 +28,7 @@ func NewInput(r io.Reader) *Input { b = buffer.Bytes() } else { var err error - b, err = ioutil.ReadAll(r) + b, err = io.ReadAll(r) if err != nil { return &Input{ buf: nullBuffer, |