- From: Terry Teague <teague@mailandnews.com>
- Date: Wed, 23 Aug 2000 23:43:35 -0700
- To: Achim Schaefer <Achim.Schaefer@neuroinformatik.ruhr-uni-bochum.de>, html-tidy@w3.org
At 5:51 PM +0200 8/23/2000, Achim Schaefer wrote:
>The following line of code leads to a segmentation fault with Tidy (vers
>4th August 2000):
><a href="test.html>link</a> <a href="test.html">link</a>
>
>(The closing quote are missing.)
>Is this a bug that is already known? Has anybody posted a fix, yet?
Yes, I believe this is a known bug (or a variation on a known bug) :
Reported by Scott Davis 19 Jul 00, in the 08 Jul 00 version.
Mismatched quotes for an element's attribute causes a NULL pointer to be
dereferenced when reporting the error, which causes a crash/segmentation
fault on some platforms.
<A HREF=mailto:"user@host"> blah </a>
Note the odd quoting on the HREF element.
This seems to be caused by the value of the sattribute being null if an
unexpected quote is found. It may be related to the break at line 2541 of
lexer.c. Removing that line seems to produce a reasonable result of
<a href="mailto:"user@company.com"">blah</a>
Proposed solution (tabs removed by me) :
original code : 30 Apr 00
lexer.c - line 2541 ParseValue()
if (c == '"' || c == '\'')
{
ReportAttrError(lexer, lexer->token, null, UNEXPECTED_QUOTEMARK);
break;
}
fixed code :
if (c == '"' || c == '\'')
{
ReportAttrError(lexer, lexer->token, null, UNEXPECTED_QUOTEMARK);
// *** REMOVE *** break;
}
Note, I haven't tested this fix.
Regards, Terry
Received on Thursday, 24 August 2000 02:44:01 UTC