- Commit
- 4b52529eb964fd1e949ae60e2da70ac3a0db6a9c
- Parent
- 98ad06a6d1ff2bbba75110dbe46e5c28cae966dd
- Author
- John MacFarlane <jgm@berkeley.edu>
- Date
JS: replace NUL characters with U+FFFD, as per spec.
cmark
My personal build of CMark ✏️
Diffstat
1 file changed, 4 insertions, 0 deletions
| Status | File Name | N° Changes | Insertions | Deletions |
| Modified | js/lib/blocks.js | 4 | 4 | 0 |
diff --git a/js/lib/blocks.js b/js/lib/blocks.js @@ -16,6 +16,10 @@ var isBlank = function(s) { // Convert tabs to spaces on each line using a 4-space tab stop. var detabLine = function(text) { "use strict"; + if (text.indexOf('\0') !== -1) { + // replace NUL for security + text = text.replace(/\0/g, '\uFFFD'); + } if (text.indexOf('\t') === -1) { return text; } else {