
Commit ae59e1a

committed
Correct unchecked indexing, feedback
Props to @costdev for noting the unchecked indices.
1 parent ddcb554 commit ae59e1a

2 files changed

Lines changed: 35 additions & 5 deletions


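--- a/src/wp-includes/html-api/class-wp-html-tag-processor.php
+++ b/src/wp-includes/html-api/class-wp-html-tag-processor.php
@@ -1055,19 +1055,19 @@ private function parse_next_tag() {
 *
 * See https://html.spec.whatwg.org/#parse-error-incorrectly-closed-comment
 */
-$closer_at--; // Pre-increment inside condition avoids risk of infinite looping.
+$closer_at--; // Pre-increment inside condition below reduces risk of accidental infinite looping.
 while ( ++$closer_at < strlen( $html ) ) {
 $closer_at = strpos( $html, '--', $closer_at );
 if ( false === $closer_at ) {
 return false;
 }
 
-if ( '>' === $html[ $closer_at + 2 ] ) {
+if ( $closer_at + 2 < strlen( $html ) && '>' === $html[ $closer_at + 2 ] ) {
 $at = $closer_at + 3;
 continue 2;
 }
 
-if ( '!' === $html[ $closer_at + 2 ] && '>' === $html[ $closer_at + 3 ] ) {
+if ( $closer_at + 3 < strlen( $html ) && '!' === $html[ $closer_at + 2 ] && '>' === $html[ $closer_at + 3 ] ) {
 $at = $closer_at + 4;
 continue 2;
 }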
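Review bot: The two new guards inside the `while` body each call `strlen( $html )` again next to the loop condition, so the same bound is spelled three times. Hoisting it once before the loop, `$doc_length = strlen( $html );`, and writing `$closer_at + 2 < $doc_length` and `$closer_at + 3 < $doc_length` would keep all three checks visibly tied to one value. Because this parser may be handed truncated or untrusted markup, a short comment above the first guard, such as `// The document may end right after "--" or "--!"; never index past the end.`, would record why the checks exist. The loop and the rest of `parse_next_tag()` continue outside the hunk, so what happens when the loop runs out without finding a closer is not visible here.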

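--- a/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php
+++ b/tests/phpunit/tests/html-api/wpHtmlTagProcessor.php
@@ -1777,10 +1777,42 @@ public function test_allows_incorrectly_closed_comments() {
 $this->assertSame( 'final', $p->get_attribute( 'id' ), 'Did not skip over unopened comment-closer.' );
 }
 
+/**
+* Ensures that unclosed and invalid comments don't trigger warnings or errors.
+*
+* @ticket 58007
+*
+* @covers WP_HTML_Tag_Processor::next_tag
+* @dataProvider data_html_with_unclosed_comments
+*
+* @param string $html_ending_before_comment_close HTML with opened comments that aren't closed
+*/
+public function test_documents_may_end_with_unclosed_comment( $html_ending_before_comment_close ) {
+$p = new WP_HTML_Tag_Processor( $html_ending_before_comment_close );
+
+$this->assertFalse( $p->next_tag() );
+}
+
+/**
+* Data provider.
+*
+* @return array[]
+*/
+public function data_html_with_unclosed_comments() {
+return array(
+'Basic truncated comment' => array( '<!-- this ends --' ),
+'Comment with closer look-alike' => array( '<!-- this ends --x' ),
+'Comment with closer look-alike 2' => array( '<!-- this ends --!x' ),
+'Invalid tag-closer comment' => array( '</(when will this madness end?)' ),
+'Invalid tag-closer comment 2' => array( '</(when will this madness end?)--' )
+);
+}
+
 /**
 * Ensures that abruptly-closed empty comments are properly closed.
 *
 * @ticket 58007
+*
 * @covers WP_HTML_Tag_Processor::next_tag
 * @dataProvider data_abruptly_closed_empty_comments
 *
@@ -1797,8 +1829,6 @@ public function test_closes_abrupt_closing_of_empty_comment( $html_with_after_ma
 /**
 * Data provider.
 *
-* @ticket 58007
-*
 * @return array[]
 */
 public function data_abruptly_closed_empty_comments() {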
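Review bot: `data_html_with_unclosed_comments()` has no case where the document ends directly after `--!`, which is the one input shape that puts `$html[ $closer_at + 3 ]` past the end of the string while `$html[ $closer_at + 2 ]` is still in range. The `'<!-- this ends --!x'` case keeps that index inside the string, so the new `$closer_at + 3 < strlen( $html )` guard is never exercised at its boundary. Adding `'Comment truncated after --!' => array( '<!-- this ends --!' ),` would cover it. The test asserts only that `next_tag()` returns false, so it detects an out-of-range read only if the test run turns PHP warnings into failures, which this page does not show.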
