diff options
| -rw-r--r-- | src/libserver/html.c | 13 | ||||
| -rw-r--r-- | test/lua/unit/html.lua | 3 |
2 files changed, 10 insertions, 6 deletions
diff --git a/src/libserver/html.c b/src/libserver/html.c index 4b100cc43..79d4eebb3 100644 --- a/src/libserver/html.c +++ b/src/libserver/html.c @@ -338,6 +338,7 @@ rspamd_html_decode_entitles_inplace (gchar *s, guint len) { guint l, rep_len; gchar *t = s, *h = s, *e = s, *end_ptr; + const gchar *end; const gchar *entity; gint state = 0, val, base; khiter_t k; @@ -349,6 +350,8 @@ rspamd_html_decode_entitles_inplace (gchar *s, guint len) l = len; } + end = s + l; + while (h - s < (gint)l) { switch (state) { /* Out of entity */ @@ -379,13 +382,13 @@ rspamd_html_decode_entitles_inplace (gchar *s, guint len) if (kh_val (html_entity_by_name, k)) { rep_len = strlen (kh_val (html_entity_by_name, k)); - if (end_ptr - t >= rep_len) { + if (end - t >= rep_len) { memcpy (t, kh_val (html_entity_by_name, k), rep_len); t += rep_len; } } else { - if (end_ptr - t >= h - e) { + if (end - t >= h - e) { memmove (t, e, h - e); t += h - e; } @@ -411,7 +414,7 @@ rspamd_html_decode_entitles_inplace (gchar *s, guint len) if (end_ptr != NULL && *end_ptr != '\0') { /* Skip undecoded */ - if (end_ptr - t >= h - e) { + if (end - t >= h - e) { memmove (t, e, h - e); t += h - e; } @@ -424,13 +427,13 @@ rspamd_html_decode_entitles_inplace (gchar *s, guint len) if (kh_val (html_entity_by_number, k)) { rep_len = strlen (kh_val (html_entity_by_number, k)); - if (end_ptr - t >= rep_len) { + if (end - t >= rep_len) { memcpy (t, kh_val (html_entity_by_number, k), rep_len); t += rep_len; } } else { - if (end_ptr - t >= h - e) { + if (end - t >= h - e) { memmove (t, e, h - e); t += h - e; } diff --git a/test/lua/unit/html.lua b/test/lua/unit/html.lua index a9a490e5b..68ee7d1eb 100644 --- a/test/lua/unit/html.lua +++ b/test/lua/unit/html.lua @@ -121,7 +121,8 @@ context("HTML processing", function() local t = rspamd_util.parse_html(c[1]) assert_not_nil(t) - assert_equal(c[2], tostring(t)) + assert_equal(c[2], tostring(t), string.format("'%s' doesn't match with '%s'", + c[2], t)) end end) end) |