-
Notifications
You must be signed in to change notification settings - Fork 216
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Crash when parsing an argument value that is \r\n
#305
Comments
Looked at it a little bit. It seems that https://github.com/servo/html5ever/blob/master/html5ever/src/tokenizer/mod.rs#L252 is the problem since the string that's failing has a '\r\n' at the end of the document. So it hits It seems to me that removing the assert would be an easy way of fixing that but I'm not sure if it's the right one. |
@milindjain0 You could fix this bug. I agree that removing the assertion is the right solution. |
This one fails with 0.22.2 too.
|
Remove unrequired assertion for invalid markup (fixes #305)
Hi,
I was trying to fuzz ammonia to see if there was anything that would make it crash and found this string
<a a=\r\n
that makes html5ever panic.Here is the test example:
The panic/backtrace:
The text was updated successfully, but these errors were encountered: