steveire
commented
7 years ago This is great, thanks!
I started pushing fixes together with the tests, but I didn't get through the entire branch yet. I'll continue later.
Open voetsjoeba opened 7 years ago
steveire
commented
7 years ago This is great, thanks!
I started pushing fixes together with the tests, but I didn't get through the entire branch yet. I'll continue later.
As part of an evaluation I'm running to use the Grantlee libraries as a replacement for another more basic templating engine in another (unrelated) project, I took the liberty of running the excellent AFL fuzzer against the Grantlee_Templates library.
This pull request contains test cases reproducing the various crashes that were found. I have additional commits locally that resolve each test case, although I'm not including them here -- I'd prefer to defer those to you since my familiarity with the code base is limited. Most of these have straightforward fixes -- the exception is the PCRE stack overflow on large quoted strings, for which I see no easy fix.