Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request from GHSA-8hqf-xjwp-p67v
Address quadratic complexity issues from upstream, pest
  • Loading branch information
kivikakk committed Mar 27, 2023
2 parents 327056e + c8e4ac7 commit ce795b7
Show file tree
Hide file tree
Showing 19 changed files with 23,345 additions and 627 deletions.
2 changes: 2 additions & 0 deletions .gitattributes
@@ -0,0 +1,2 @@
src/scanners.rs linguist-generated
src/scanners.re linguist-language=Rust
117 changes: 0 additions & 117 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 0 additions & 2 deletions Cargo.toml
Expand Up @@ -36,8 +36,6 @@ once_cell = "1.13.0"
entities = "1.0.1"
unicode_categories = "0.1.1"
memchr = "2"
pest = "2"
pest_derive = "2"
shell-words = { version = "1.0", optional = true }
slug = "0.1.4"
emojis = { version = "0.5.2", optional = true }
Expand Down
5 changes: 2 additions & 3 deletions Makefile
@@ -1,6 +1,5 @@
docker:
docker build -t comrak $(CURDIR)/script
docker run --privileged -t -i -v $(CURDIR):/src/comrak -v $(HOME)/.cargo/registry:/root/.cargo/registry -w /src/comrak comrak /bin/bash
src/scanners.rs: src/scanners.re
re2rust -W -Werror -i --no-generation-date -o $@ $<

bench:
cargo build --release
Expand Down
2 changes: 2 additions & 0 deletions benches/progit.rs
@@ -1,5 +1,7 @@
#![feature(test)]

extern crate test;

use comrak::{format_html, parse_document, Arena, ComrakOptions};
use test::Bencher;

Expand Down
27 changes: 20 additions & 7 deletions script/cibuild
Expand Up @@ -6,17 +6,30 @@ if command -v apt-get &>/dev/null; then
sudo apt-get install python3
fi

cargo build --verbose
cargo build --verbose --examples

if [ x"$SPEC" = "xtrue" ]; then
cargo build --verbose --release

cd vendor/cmark-gfm/test
python3 spec_tests.py --program='../../../target/debug/comrak --syntax-highlighting none'
python3 spec_tests.py --spec extensions.txt --program='../../../target/debug/comrak --syntax-highlighting none' --extensions "table strikethrough autolink tagfilter footnotes tasklist"
python3 roundtrip_tests.py --program='../../../target/debug/comrak --syntax-highlighting none'
python3 spec_tests.py --no-normalize --spec regression.txt --program='../../../target/debug/comrak --syntax-highlighting none'
python3 entity_tests.py --program='../../../target/debug/comrak --syntax-highlighting none'

PROGRAM_ARG="--program=../../../target/release/comrak --syntax-highlighting none"

python3 spec_tests.py --no-normalize --spec spec.txt "$PROGRAM_ARG"
python3 pathological_tests.py "$PROGRAM_ARG"
python3 roundtrip_tests.py --spec spec.txt "$PROGRAM_ARG"
python3 entity_tests.py "$PROGRAM_ARG"
python3 spec_tests.py --no-normalize --spec smart_punct.txt "$PROGRAM_ARG --smart"

python3 spec_tests.py --no-normalize --spec extensions.txt "$PROGRAM_ARG" --extensions "table strikethrough autolink tagfilter footnotes tasklist"
python3 roundtrip_tests.py --spec extensions.txt "$PROGRAM_ARG" --extensions "table strikethrough autolink tagfilter footnotes tasklist"
# python3 roundtrip_tests.py --spec extensions-table-prefer-style-attributes.txt "$PROGRAM_ARG --table-prefer-style-attributes" --extensions "table strikethrough autolink tagfilter footnotes tasklist"
python3 roundtrip_tests.py --spec extensions-full-info-string.txt "$PROGRAM_ARG --full-info-string"

python3 spec_tests.py --no-normalize --spec regression.txt "$PROGRAM_ARG"
else
cargo build --verbose
cargo build --verbose --examples

cargo test --verbose
cargo run --example sample
fi
53 changes: 35 additions & 18 deletions src/html.rs
Expand Up @@ -2,7 +2,6 @@ use crate::ctype::isspace;
use crate::nodes::{AstNode, ListType, NodeCode, NodeValue, TableAlignment};
use crate::parser::{ComrakOptions, ComrakPlugins};
use crate::scanners;
use crate::strings::build_opening_tag;
use once_cell::sync::Lazy;
use regex::Regex;
use std::borrow::Cow;
Expand Down Expand Up @@ -243,6 +242,40 @@ fn dangerous_url(input: &[u8]) -> bool {
scanners::dangerous_url(input).is_some()
}

fn escape(output: &mut dyn Write, buffer: &[u8]) -> io::Result<()> {
let mut offset = 0;
for (i, &byte) in buffer.iter().enumerate() {
if NEEDS_ESCAPED[byte as usize] {
let esc: &[u8] = match byte {
b'"' => b"&quot;",
b'&' => b"&amp;",
b'<' => b"&lt;",
b'>' => b"&gt;",
_ => unreachable!(),
};
output.write_all(&buffer[offset..i])?;
output.write_all(esc)?;
offset = i + 1;
}
}
output.write_all(&buffer[offset..])?;
Ok(())
}

pub fn build_opening_tag(tag: &str, attributes: &HashMap<String, String>) -> String {
let mut out = Vec::with_capacity(80);
write!(out, "<{}", tag).unwrap();

for (attr, val) in attributes {
write!(out, " {}=\"", attr).unwrap();
escape(&mut out, val.as_bytes()).unwrap();
write!(out, "\"").unwrap()
}

write!(out, ">").unwrap();
unsafe { String::from_utf8_unchecked(out) }
}

impl<'o> HtmlFormatter<'o> {
fn new(
options: &'o ComrakOptions,
Expand All @@ -267,23 +300,7 @@ impl<'o> HtmlFormatter<'o> {
}

fn escape(&mut self, buffer: &[u8]) -> io::Result<()> {
let mut offset = 0;
for (i, &byte) in buffer.iter().enumerate() {
if NEEDS_ESCAPED[byte as usize] {
let esc: &[u8] = match byte {
b'"' => b"&quot;",
b'&' => b"&amp;",
b'<' => b"&lt;",
b'>' => b"&gt;",
_ => unreachable!(),
};
self.output.write_all(&buffer[offset..i])?;
self.output.write_all(esc)?;
offset = i + 1;
}
}
self.output.write_all(&buffer[offset..])?;
Ok(())
escape(&mut self.output, buffer)
}

fn escape_href(&mut self, buffer: &[u8]) -> io::Result<()> {
Expand Down
75 changes: 0 additions & 75 deletions src/lexer.pest

This file was deleted.

0 comments on commit ce795b7

Please sign in to comment.