From a5cf11dac52606141dd246f88d8c59688462e395 Mon Sep 17 00:00:00 2001 From: Vicent Marti Date: Sat, 6 Sep 2014 20:48:54 +0200 Subject: Entity declarations --- src/html/houdini_html_u.c | 99 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 src/html/houdini_html_u.c (limited to 'src/html/houdini_html_u.c') diff --git a/src/html/houdini_html_u.c b/src/html/houdini_html_u.c new file mode 100644 index 0000000..762f980 --- /dev/null +++ b/src/html/houdini_html_u.c @@ -0,0 +1,99 @@ +#include +#include +#include + +#include "houdini.h" +#include "utf8.h" +#include "html_unescape.h" + +size_t +houdini_unescape_ent(strbuf *ob, const uint8_t *src, size_t size) +{ + size_t i = 0; + + if (size > 3 && src[0] == '#') { + int codepoint = 0; + + if (_isdigit(src[1])) { + for (i = 1; i < size && _isdigit(src[i]); ++i) + codepoint = (codepoint * 10) + (src[i] - '0'); + } + + else if (src[1] == 'x' || src[1] == 'X') { + for (i = 2; i < size && _isxdigit(src[i]); ++i) + codepoint = (codepoint * 16) + ((src[i] | 32) % 39 - 9); + } + + if (i < size && src[i] == ';') { + utf8proc_encode_char(codepoint, ob); + return i + 1; + } + } + + else { + if (size > MAX_WORD_LENGTH) + size = MAX_WORD_LENGTH; + + for (i = MIN_WORD_LENGTH; i < size; ++i) { + if (src[i] == ' ') + break; + + if (src[i] == ';') { + const struct html_ent *entity = find_entity((char *)src, i); + + if (entity != NULL) { + strbuf_put(ob, entity->utf8, entity->utf8_len); + return i + 1; + } + + break; + } + } + } + + return 0; +} + +int +houdini_unescape_html(strbuf *ob, const uint8_t *src, size_t size) +{ + size_t i = 0, org, ent; + + while (i < size) { + org = i; + while (i < size && src[i] != '&') + i++; + + if (likely(i > org)) { + if (unlikely(org == 0)) { + if (i >= size) + return 0; + + strbuf_grow(ob, HOUDINI_UNESCAPED_SIZE(size)); + } + + strbuf_put(ob, src + org, i - org); + } + + /* escaping */ + if (i >= size) + break; + + i++; + + ent = houdini_unescape_ent(ob, src + i, size - i); + i += ent; + + /* not really an entity */ + if (ent == 0) + strbuf_putc(ob, '&'); + } + + return 1; +} + +void houdini_unescape_html_f(strbuf *ob, const uint8_t *src, size_t size) +{ + if (!houdini_unescape_html(ob, src, size)) + strbuf_put(ob, src, size); +} -- cgit v1.2.3 From 9d86d2f32303ae0048f6a5daa552bacceb9b12ea Mon Sep 17 00:00:00 2001 From: Vicent Marti Date: Tue, 9 Sep 2014 04:00:36 +0200 Subject: Update the spec with better entity handling --- src/html/houdini_html_u.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/html/houdini_html_u.c') diff --git a/src/html/houdini_html_u.c b/src/html/houdini_html_u.c index 762f980..b8e2d8d 100644 --- a/src/html/houdini_html_u.c +++ b/src/html/houdini_html_u.c @@ -24,7 +24,7 @@ houdini_unescape_ent(strbuf *ob, const uint8_t *src, size_t size) codepoint = (codepoint * 16) + ((src[i] | 32) % 39 - 9); } - if (i < size && src[i] == ';') { + if (i < size && src[i] == ';' && codepoint) { utf8proc_encode_char(codepoint, ob); return i + 1; } -- cgit v1.2.3 From 0ae7f4f53720e867c92ac9465062285293568856 Mon Sep 17 00:00:00 2001 From: Vicent Marti Date: Wed, 10 Sep 2014 20:02:01 +0200 Subject: Handle overflows in the codepoint parser --- src/html/houdini_html_u.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'src/html/houdini_html_u.c') diff --git a/src/html/houdini_html_u.c b/src/html/houdini_html_u.c index b8e2d8d..49b4956 100644 --- a/src/html/houdini_html_u.c +++ b/src/html/houdini_html_u.c @@ -15,13 +15,25 @@ houdini_unescape_ent(strbuf *ob, const uint8_t *src, size_t size) int codepoint = 0; if (_isdigit(src[1])) { - for (i = 1; i < size && _isdigit(src[i]); ++i) - codepoint = (codepoint * 10) + (src[i] - '0'); + for (i = 1; i < size && _isdigit(src[i]); ++i) { + int cp = (codepoint * 10) + (src[i] - '0'); + + if (cp < codepoint) + return 0; + + codepoint = cp; + } } else if (src[1] == 'x' || src[1] == 'X') { - for (i = 2; i < size && _isxdigit(src[i]); ++i) - codepoint = (codepoint * 16) + ((src[i] | 32) % 39 - 9); + for (i = 2; i < size && _isxdigit(src[i]); ++i) { + int cp = (codepoint * 16) + ((src[i] | 32) % 39 - 9); + + if (cp < codepoint) + return 0; + + codepoint = cp; + } } if (i < size && src[i] == ';' && codepoint) { -- cgit v1.2.3