Extremely slow processing on malformed markdown (0.6.2) #1493
Describe the bug
Edit: I tested it under Chrome and it finished significantly faster than Firefox, but still quite slow (7 seconds).
I believe it is a combination of malformed input and an exponential-runtime regexp combining to hang the parser. I tried to strip the markdown to the exact syntax that breaks the parser, but it's difficult to narrow down. The reason I suspect it's a run-away regexp is that removing obvious non-syntax like the strings of plain alphabetic words allows it to finish, but only after 30+ seconds of processing.
(for anyone curious, the markdown is from some old notes I had on the AREXX programming language)
Steps to reproduce the behavior:
Parse this (be careful):
I'm running 0.6.2 downloaded from jsdelivr (the header says "/firstname.lastname@example.org/lib/marked.js"), however it's apparently also broken in the demo. I'm doing all this under Firefox 67 but it appears to hang Chrome, too.
The text was updated successfully, but these errors were encountered:
This ReDOS was introduced in 47365c1, and is caused in fact by the link
The two branches allowing backticks:
The solution would be to actually try to parse a code span whenever a
For what it's worth, this patch causes introduce 4 test failures, and only affects fairly obscure situations (namely, a single unmatched backtick).
Thoughts on the performance-correctness tradeoff?