Denial of service with malformed xml #1502

Closed
Google-Autofuzz opened this issue Aug 3, 2020 · 1 comment
@Google-Autofuzz
Running the following code with the latest git version of pygments on the attached input results in 100% CPU consumption for an arbitrarily long time:

import sys

import pygments
import pygments.formatters
import pygments.lexers

with open(sys.argv[1], 'rb') as f:
    data = f.read()
    lexer = pygments.lexers.guess_lexer(str(data))
    pygments.highlight(str(data), lexer, pygments.formatters.HtmlFormatter())

pygments.txt

Anteru self-assigned this Aug 5, 2020
Anteru closed this as completed in ab0537f Aug 22, 2020
Anteru added the changelog-update label (Items which need to get mentioned in the changelog) Aug 22, 2020
Anteru added this to the 2.7 milestone Aug 22, 2020
Anteru (Collaborator) commented Aug 22, 2020

Fixed, thanks for the report! Short summary for those who are curious as to what is going on: This is not a bug in the Xml lexer, but the XmlErb lexer which kicks in (the Xml lexer has no problem with the file), and that in turn uses Ruby for embedded template code, and the Ruby lexer failed on single-quote strings with lots of backslashes :)

Anteru removed the changelog-update label (Items which need to get mentioned in the changelog) Sep 3, 2020
Kenny2github pushed a commit to Kenny2github/pygments that referenced this issue Sep 22, 2020
Single-quoted strings were handled differently in the Ruby lexer
compared to double-quoted strings, leading to catastrophic backtracking.
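
The failure mode named in this thread, catastrophic backtracking on a single-quoted string with many backslashes, as an added example that is not from the issue or from Pygments. The two token sets are constructed for illustration and are not the Ruby lexer's actual rules; `count_steps` and `unterminated` are hypothetical helpers that model a backtracking matcher so the work can be counted deterministically.

```python
import re

# Constructed token sets for a single-quoted string body. Illustration only:
# these are NOT the rules used by the Pygments Ruby lexer.
AMBIGUOUS = [r"\\\\", r"\\'", r"[^']"]    # a backslash also fits [^']
UNAMBIGUOUS = [r"\\.", r"[^'\\]"]          # a backslash can only start an escape


def as_regex(alts):
    """Build the quoted-string regex '(?:alt|alt|...)*' from a token set."""
    return re.compile("'(?:" + "|".join(alts) + ")*'", re.DOTALL)


def count_steps(alts, text):
    """Hypothetical helper: model a backtracking matcher for as_regex(alts)
    and return (matched, number of branch attempts)."""
    tokens = [re.compile(a, re.DOTALL) for a in alts]
    steps = 0

    def body(pos):
        nonlocal steps
        for tok in tokens:                  # greedy: prefer one more token
            steps += 1
            m = tok.match(text, pos)
            if m and body(m.end()):
                return True
        steps += 1                          # otherwise try the closing quote
        return text.startswith("'", pos)

    return text.startswith("'") and body(1), steps


def unterminated(n):
    """Constructed input: opening quote, n backslashes, no closing quote."""
    return "'" + "\\" * n


if __name__ == "__main__":
    sample = r"'a\\b\'c'"                   # constructed well-formed literal
    assert as_regex(AMBIGUOUS).fullmatch(sample)
    assert as_regex(UNAMBIGUOUS).fullmatch(sample)
    for n in (4, 8, 12, 16, 20):
        _, slow = count_steps(AMBIGUOUS, unterminated(n))
        _, fast = count_steps(UNAMBIGUOUS, unterminated(n))
        print(f"{n:2d} backslashes: ambiguous={slow:6d} steps, unambiguous={fast} steps")
```

Both token sets accept the well-formed literal; only the ambiguous one lets the matcher re-split a run of backslashes in every possible way before giving up, so its step count grows like the Fibonacci numbers while the unambiguous set stays linear.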