Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Latte: Fixed exponential backtracking #2682

merged 1 commit into from Dec 31, 2020


Copy link

No description provided.

Copy link

JS File Size Changes (gzipped)

A total of 1 files have changed, with a combined diff of +9 B (+1.8%).

file master pull size diff % diff
components/prism-latte.min.js 513 B 522 B +9 B +1.8%

Generated by 🚫 dangerJS against bf29575

@RunDevelopment RunDevelopment merged commit 89f1e18 into PrismJS:master Dec 31, 2020
1 check passed
@RunDevelopment RunDevelopment deleted the latte-exp-bt-fix branch December 31, 2020 09:14
Copy link

Is the detector improving or this was just not dealt with before?

Copy link
Member Author

This is one of the very few regexes that aren't checked by our detector. This was found using a CodeQL query.

Copy link

I'll assume it's something weird about how markup templating works or something that it's "special"... so much of our regex are generated at run-time but since the tests are running at run-time we just hook into the FINAL prepared regex and run them thru the checker.

Copy link
Member Author

Yeah, we just check the regexes of all grammars. Markup templating also needs one additional regex to detect the embedded language and that regex isn't checked.

One way around that might be to override the exec/test methods in RegExp.prototype to run the detector on all patterns used to tokenize Prism's test cases.

This was referenced Mar 6, 2021
This was referenced Mar 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

2 participants