Fix panic in Set Delimiter parsing. #91
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Mustache supports Set Delimter tags, of the form `{{=<open tag> <close tag>=}}`,
which is used to change the delimiters from `{{` and `}}`. Prior to this
commit, if there was a sequence that looked like the start of a Set
Delimiter tag, but there was not a complete Set Delimiter tag, the
library could panic.
This commit:
* factors out the Set Delimiter tag parsing into a new function,
'parseCustomDelimiter()'
* adds checks to make sure an incomplete tag doesn't cause an access
off the end of a slice
* treats an incomplete Set Delimiter (like `{{=}}`) as a normaal
tag
This behaviour matches the mustache playground at
https://jgonggrijp.gitlab.io/wontache/playground.html. I tried to match
the behaviour of the Ruby implementation, but it seems to be
inconsistent in this case.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Mustache supports Set Delimter tags, of the form
{{=<open tag> <close tag>=}}, which is used to change the delimiters from{{and}}. Prior to this commit, if there was a sequence that looked like the start of a Set Delimiter tag, but there was not a complete Set Delimiter tag, the library could panic.This commit:
* factors out the Set Delimiter tag parsing into a new function, 'parseCustomDelimiter()'
* adds checks to make sure an incomplete tag doesn't cause an access off the end of a slice
* treats an incomplete Set Delimiter (like
{{=}}) as a normaal tagThis behaviour matches the mustache playground at
https://jgonggrijp.gitlab.io/wontache/playground.html. I tried to match the behaviour of the Ruby implementation, but it seems to be inconsistent in this case.