Merge pull request #205 from github/dont-scan-past-eol

Don't scan past an EOL.

The existing negated character classes ([^…]) are careful to always include \x00 in the characters excluded, but these . catch-alls can scan right past the terminating NUL placed at the end of the buffer by _scan_at.

As such, buffer overruns can occur.

Also, don't scan past a newline in HTML block end scanners.

0 files changed, 0 insertions, 0 deletions