search

wooorm / markdown-rs

CommonMark compliant markdown parser in Rust with ASTs and extensions
https://docs.rs/markdown/1.0.0-alpha.18/markdown/
MIT License
836 stars 41 forks source link

GFM with allow_dangerous_html panics when a tag contains a newline after its name #80

Closed sornas closed 10 months ago

sornas commented 10 months ago 
fn main() {
    let source = r#"
<div
>
>/div>
    "#;
    let _md = markdown::to_html_with_options(source, &markdown::Options {
        parse: markdown::ParseOptions::gfm(),
        compile: markdown::CompileOptions {
            allow_dangerous_html: true,
            ..markdown::CompileOptions::gfm()
        },
    }).unwrap();
}

The above code panics in version 1.0.0-alpha.12 at

https://github.com/wooorm/markdown-rs/blob/3654cc875a9b9108e7107599e08febc2c122b74c/src/util/gfm_tagfilter.rs#L55

Here's the full RUST_BACKTRACE=1:

thread 'main' panicked at 'index out of bounds: the len is 4 but the index is 4', /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/util/gfm_tagfilter.rs:55:26
stack backtrace:
   0: rust_begin_unwind
             at /rustc/5680fa18feaa87f3ff04063800aec256c3d4b4be/library/std/src/panicking.rs:593:5
   1: core::panicking::panic_fmt
             at /rustc/5680fa18feaa87f3ff04063800aec256c3d4b4be/library/core/src/panicking.rs:67:14
   2: core::panicking::panic_bounds_check
             at /rustc/5680fa18feaa87f3ff04063800aec256c3d4b4be/library/core/src/panicking.rs:162:5
   3: markdown::util::gfm_tagfilter::gfm_tagfilter
             at /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/util/gfm_tagfilter.rs:55:26
   4: markdown::to_html::on_exit_html_data
             at /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/to_html.rs:1304:17
   5: markdown::to_html::exit
             at /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/to_html.rs:426:52
   6: markdown::to_html::handle
             at /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/to_html.rs:308:9
   7: markdown::to_html::compile
             at /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/to_html.rs:283:13
   8: markdown::to_html_with_options
             at /home/gustav/.cargo/registry/src/index.crates.io-6f17d22bba15001f/markdown-1.0.0-alpha.12/src/lib.rs:125:8
   9: markdown_repro::main
             at ./src/main.rs:7:15
  10: core::ops::function::FnOnce::call_once
             at /rustc/5680fa18feaa87f3ff04063800aec256c3d4b4be/library/core/src/ops/function.rs:250:5
wooorm commented 10 months ago

Thanks!

wooorm commented 10 months ago

released!

sornas commented 10 months ago

Awesome, thanks! Although you forgot a print :)

https://github.com/wooorm/markdown-rs/blob/077ef898092252210344cab60b64c3b68d524fb8/src/util/gfm_tagfilter.rs#L54

wooorm commented 9 months ago

Thanks