- Commit
- 76fb4d57b9e941870c72f86833648bb5262be737
- Parent
- 4de9c6ecf66f27829d226b3ad414823589dacd13
- Author
- John MacFarlane <jgm@berkeley.edu>
- Date
Limit 'start' to 8 digits to avoid undefined behavior (overflows).
This should be added to the spec.
Limit 'start' to 8 digits to avoid undefined behavior (overflows).
This should be added to the spec.
1 file changed, 6 insertions, 1 deletion
Status | File Name | N° Changes | Insertions | Deletions |
Modified | src/blocks.c | 7 | 6 | 1 |
diff --git a/src/blocks.c b/src/blocks.c
@@ -400,11 +400,16 @@ static bufsize_t parse_list_marker(cmark_chunk *input, bufsize_t pos, cmark_list
 }
 } else if (cmark_isdigit(c)) {
 int start = 0;
+ int digits = 0;
 do {
 start = (10 * start) + (peek_at(input, pos) - '0');
 pos++;
- } while (cmark_isdigit(peek_at(input, pos)));
+ digits++;
+ // We limit to 9 digits to avoid overflow,
+ // assuming max int is 2^31 - 1
+ // This also seems to be the limit for 'start' in some browsers.
+ } while (digits < 9 && cmark_isdigit(peek_at(input, pos)));
 c = peek_at(input, pos);
 if (c == '.' || c == ')') {