Thanks for this! This one has been bugging me for a while. I will post a new Java tidy, with this fix, soon. Regards, Andy Quick ----- Original Message ----- From: Randy Waki <rwaki@flipdog.com> To: <html-tidy@w3.org>; <dsr@w3.org> Sent: Monday, August 07, 2000 2:08 AM Subject: Bug: Possible dangling pointer in istack.c > I think I've discovered a dangling pointer bug in istack.c. When > PopInLine() in istack.c pops the stack, it fails to check if lexer->insert > is pointing past the new end of stack. This can cause a subsequent call > to InsertedToken() to dereference the bogus lexer->insert. > > The fix is in the last if statement of PopInLine(), where the stack is > popped: if lexer->insert points past the end of the stack, set it to null. > (It's possible a similar check needs to be performed just above, too.) >Received on Thursday, 10 August 2000 18:16:09 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:37:48 GMT