Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Infinite loop when an invalid callout list follows a list item #3472

Closed
cawalch opened this issue Nov 2, 2019 · 5 comments
Closed

Infinite loop when an invalid callout list follows a list item #3472

cawalch opened this issue Nov 2, 2019 · 5 comments
Assignees
@mojavelinux
Labels
bug v2.0.11 Issues resolved in the 2.0.11 release
Milestone
v2.0.x

Comments

@cawalch
Copy link

cawalch commented Nov 2, 2019 

const asciidoctor = require('asciidoctor')()
asciidoctor.convert(Buffer.from('103a3a0a393e0901', 'hex'))

Version 2.0.3

Found with jsfuzz
@mojavelinux
Copy link
Member

This causes Asciidoctor to hang as well. Here's the UTF-8 string to reproduce:

a::\n0>\tb

Looks like a dlist parsing error related to #2888.

@mojavelinux
Copy link
Member

Yep, same exact problem. We made a change to the syntax rules, but forgot to update one of the matchers.

@mojavelinux mojavelinux transferred this issue from asciidoctor/asciidoctor.js Nov 2, 2019
@mojavelinux mojavelinux changed the title convert - Out of Memory (non-valid syntax) Infinite loop when an invalid callout list follows a list item Nov 2, 2019
@mojavelinux
Copy link
Member

The problem occurs when an old-style callout list item follows another list item. Here's another example:

* foo
1> bar

It also happens for this case:

* foo
<.> bar

All part of the same problem.

@mojavelinux mojavelinux self-assigned this Nov 2, 2019
@mojavelinux mojavelinux added the bug label Nov 2, 2019
@mojavelinux mojavelinux added this to the v2.0.x milestone Nov 2, 2019
@mojavelinux mojavelinux added the v2.0.11 Issues resolved in the 2.0.11 release label Nov 2, 2019
@ggrossetie
Copy link
Member

Thanks for your report @cawalch!
Is it worth to run jsfuzz as part of the CI on Travis?

@mojavelinux Do you reproduce this issue in Ruby?

@mojavelinux
Copy link
Member

Yep, I can reproduce it using exactly the scenario the NOTE in the code warns about.

Is it worth to run jsfuzz as part of the CI on Travis?

It certainly couldn't hurt.

mojavelinux added a commit to mojavelinux/asciidoctor that referenced this issue Nov 3, 2019
@mojavelinux
resolves asciidoctor#3472 fix infinite loop when callout list with ob…
b8229e9 
…solete syntax is found inside list item
mojavelinux added a commit to mojavelinux/asciidoctor that referenced this issue Nov 3, 2019
@mojavelinux
resolves asciidoctor#3472 fix infinite loop when callout list with ob…
3365da2 
…solete syntax is found inside list item
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mojavelinux mojavelinux

Labels
bug v2.0.11 Issues resolved in the 2.0.11 release
Projects
None yet
Milestone
v2.0.x
Development

No branches or pull requests
3 participants
@mojavelinux @ggrossetie @cawalch