From 520d5a6fc6a6cf100d9414d588079f2a076801c5 Mon Sep 17 00:00:00 2001
From: John MacFarlane
Date: Wed, 15 Apr 2015 16:09:53 -0700
Subject: Check return status of utf8proc_iterate. Closes #27. If unicode parsing gives an error condition, we just skip the rest of the string without rendering anything and proceed. I'm not sure if that's the best way to handle this, but garbage in, garbage out. Note: this bug was found using american fuzzy lop.
---
 src/commonmark.c | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'src/commonmark.c')
diff --git a/src/commonmark.c b/src/commonmark.c
index bef92f6..24ee8ce 100644
--- a/src/commonmark.c
+++ b/src/commonmark.c
@@ -117,6 +117,9 @@ static inline void out(struct render_state *state,
 }
 len = utf8proc_iterate(source + i, length - i, &c);
+ if (len == -1) { // error condition
+ return; // return without rendering rest of string
+ }
 nextc = source[i + len];
 if (c == 32 && wrap) {
 if (!state->begin_line) {
-- 
cgit v1.2.3
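Review bot: The new guard in `out()` tests `len == -1` only, while the next context line still indexes `source[i + len]`, so any other non-positive return from `utf8proc_iterate` would reach that read and, if the loop advances by `len`, might never make progress; `if (len <= 0) {` would cover this without depending on the exact error value. The early return also truncates the output silently: `out()` is void, so the caller cannot tell that the rest of the string was dropped, and a comment such as `// invalid UTF-8: the remainder of this string is dropped, so output is truncated` would make that contract explicit. Separately, `nextc = source[i + len]` reads the byte after the current character, which at the end of the string is in bounds only if the buffer extends past `length` (presumably it is NUL-terminated, but that is not visible here). The body of `out()` starts and ends outside the hunk.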