35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From 77cfb8f4cd9679cef27ae9bc38e39ac51235af2d Mon Sep 17 00:00:00 2001
|
|
From: Sebastian Pipping <sebastian@pipping.org>
|
|
Date: Fri, 14 May 2021 20:26:26 +0200
|
|
Subject: [PATCH] tests: Cover accounting of CDATA sections inside of general
|
|
entities
|
|
|
|
---
|
|
tests/runtests.c | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/tests/runtests.c b/tests/runtests.c
|
|
index 0e2b49f..e394456 100644
|
|
--- a/tests/runtests.c
|
|
+++ b/tests/runtests.c
|
|
@@ -11318,6 +11318,16 @@ START_TEST(test_accounting_precision) {
|
|
|
|
/* CDATA */
|
|
{"<e><![CDATA[one two three]]></e>", NULL, NULL, 0, filled_later},
|
|
+ /* The following is the essence of this OSS-Fuzz finding:
|
|
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34302
|
|
+ https://oss-fuzz.com/testcase-detail/4860575394955264
|
|
+ */
|
|
+ {"<!DOCTYPE r [\n"
|
|
+ "<!ENTITY e \"111<![CDATA[2 <= 2]]>333\">\n"
|
|
+ "]>\n"
|
|
+ "<r>&e;</r>\n",
|
|
+ NULL, NULL, sizeof(XML_Char) * strlen("111<![CDATA[2 <= 2]]>333"),
|
|
+ filled_later},
|
|
|
|
/* Conditional sections */
|
|
{"<!DOCTYPE r [\n"
|
|
--
|
|
1.8.3.1
|
|
|