Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ccdf977

Browse files
alexandre-dauboisalexandre-daubois
committed
[Yaml] Fixed infinite loop when parser goes through an additional and invalid closing tag
Instead of letting the parser goes in an infinite loop, throw an exception when the additional and invalid is found
1 parent 3b1948f commit ccdf977

File tree

2 files changed

+23
-0
lines changed

2 files changed

+23
-0
lines changed

src/Symfony/Component/Yaml/Parser.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1225,6 +1225,10 @@ private function lexUnquotedString(int &$cursor): string
12251225
$offset = $cursor;
12261226
$cursor += strcspn($this->currentLine, '[]{},: ', $cursor);
12271227

1228+
if ($cursor === $offset) {
1229+
throw new ParseException('Malformed unquoted YAML string.');
1230+
}
1231+
12281232
return substr($this->currentLine, $offset, $cursor - $offset);
12291233
}
12301234

src/Symfony/Component/Yaml/Tests/ParserTest.php

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2676,6 +2676,25 @@ public function testParseValueWithNegativeModifiers()
26762676
);
26772677
}
26782678

2679+
public function testThrowExceptionIfInvalidAdditionalClosingTagOccurs()
2680+
{
2681+
$yaml = '{
2682+
"object": {
2683+
"array": [
2684+
"a",
2685+
"b",
2686+
"c"
2687+
]
2688+
],
2689+
}
2690+
}';
2691+
2692+
$this->expectException(ParseException::class);
2693+
$this->expectExceptionMessage('Malformed unquoted YAML string at line 8 (near " ],")');
2694+
2695+
$this->parser->parse($yaml);
2696+
}
2697+
26792698
public function testWhitespaceAtEndOfLine()
26802699
{
26812700
$yaml = "\nfoo:\n arguments: [ '@bar' ] \n";

0 commit comments

Comments
 (0)