Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: possible ReDOS in markdown newline rule (#15646) 

Backport ffc49ab46b
This commit is contained in:
Régis Hanol 2022-01-20 22:32:01 +01:00 committed by GitHub
parent 224f0a2655
commit a582c49601
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
app/assets/javascripts/pretty-text/engines/discourse-markdown/newline.js
View File

@ -8,6 +8,7 @@ function newline(state, silent) {
let token,
pmax,
max,
ws,
pos = state.pos;
if (state.src.charCodeAt(pos) !== 0x0a /* \n */) {
@ -24,7 +25,14 @@ function newline(state, silent) {
if (!silent) {
if (pmax >= 0 && state.pending.charCodeAt(pmax) === 0x20) {
if (pmax >= 1 && state.pending.charCodeAt(pmax - 1) === 0x20) {
state.pending = state.pending.replace(/ +$/, "");
// Find whitespaces tail of pending chars.
ws = pmax - 1;
while (ws >= 1 && state.pending.charCodeAt(ws - 1) === 0x20) {
ws--;
}
state.pending = state.pending.slice(0, ws);
token = state.push("hardbreak", "br", 0);
} else {
state.pending = state.pending.slice(0, -1);