summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--js/lib/blocks.js4
1 files changed, 4 insertions, 0 deletions
diff --git a/js/lib/blocks.js b/js/lib/blocks.js
index 1e20d29..8f4776c 100644
--- a/js/lib/blocks.js
+++ b/js/lib/blocks.js
@@ -16,6 +16,10 @@ var isBlank = function(s) {
// Convert tabs to spaces on each line using a 4-space tab stop.
var detabLine = function(text) {
"use strict";
+ if (text.indexOf('\0') !== -1) {
+ // replace NUL for security
+ text = text.replace(/\0/g, '\uFFFD');
+ }
if (text.indexOf('\t') === -1) {
return text;
} else {