dovecot-2.2: fts: parser-html - parser can fail on attributes='w...
dovecot at dovecot.org
dovecot at dovecot.org
Tue May 27 18:19:09 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/ad028a950248
changeset: 17395:ad028a950248
user: Phil Carmody <phil at dovecot.fi>
date: Tue May 27 21:17:34 2014 +0300
description:
fts: parser-html - parser can fail on attributes='with values in single quotes'
If that value were to contain an odd number of double quotes, then the
HTML_STATE_TAG_(D)QUOTED state would be entered and not exited.
The two quoting types behave basically the same, so just add two new cases
and duplicate the state transition code.
diffstat:
src/plugins/fts/fts-parser-html.c | 31 +++++++++++++++++++++++--------
1 files changed, 23 insertions(+), 8 deletions(-)
diffs (59 lines):
diff -r 54e508b71dcd -r ad028a950248 src/plugins/fts/fts-parser-html.c
--- a/src/plugins/fts/fts-parser-html.c Tue May 27 21:17:34 2014 +0300
+++ b/src/plugins/fts/fts-parser-html.c Tue May 27 21:17:34 2014 +0300
@@ -16,10 +16,14 @@
HTML_STATE_TEXT,
/* tag outside "quoted string" */
HTML_STATE_TAG,
- /* tag inside "quoted string" */
- HTML_STATE_TAG_QUOTED,
+ /* tag inside "double quoted string" */
+ HTML_STATE_TAG_DQUOTED,
/* tag -> "escape\ */
- HTML_STATE_TAG_QUOTED_ESCAPE,
+ HTML_STATE_TAG_DQUOTED_ESCAPE,
+ /* tag inside 'single quoted string' */
+ HTML_STATE_TAG_SQUOTED,
+ /* tag -> 'escape\ */
+ HTML_STATE_TAG_SQUOTED_ESCAPE,
/* script/stype content */
HTML_STATE_IGNORE,
/* comment */
@@ -171,21 +175,32 @@
break;
case HTML_STATE_TAG:
if (c == '"')
- parser->state = HTML_STATE_TAG_QUOTED;
+ parser->state = HTML_STATE_TAG_DQUOTED;
+ else if (c == '\'')
+ parser->state = HTML_STATE_TAG_DQUOTED;
else if (c == '>') {
parser->state = parser->ignore_next_text ?
HTML_STATE_IGNORE : HTML_STATE_TEXT;
parser_add_space(parser);
}
break;
- case HTML_STATE_TAG_QUOTED:
+ case HTML_STATE_TAG_DQUOTED:
if (c == '"')
parser->state = HTML_STATE_TAG;
else if (c == '\\')
- parser->state = HTML_STATE_TAG_QUOTED_ESCAPE;
+ parser->state = HTML_STATE_TAG_DQUOTED_ESCAPE;
break;
- case HTML_STATE_TAG_QUOTED_ESCAPE:
- parser->state = HTML_STATE_TAG_QUOTED;
+ case HTML_STATE_TAG_DQUOTED_ESCAPE:
+ parser->state = HTML_STATE_TAG_DQUOTED;
+ break;
+ case HTML_STATE_TAG_SQUOTED:
+ if (c == '\'')
+ parser->state = HTML_STATE_TAG;
+ else if (c == '\\')
+ parser->state = HTML_STATE_TAG_SQUOTED_ESCAPE;
+ break;
+ case HTML_STATE_TAG_SQUOTED_ESCAPE:
+ parser->state = HTML_STATE_TAG_SQUOTED;
break;
case HTML_STATE_IGNORE:
if (c == '<') {
More information about the dovecot-cvs
mailing list