cmark


commit 76fb4d57b9e941870c72f86833648bb5262be737
parent 4de9c6ecf66f27829d226b3ad414823589dacd13
Author: John MacFarlane <jgm@berkeley.edu>
Date:   Tue, 14 Jul 2015 11:28:16 -0700

Limit 'start' to 8 digits to avoid undefined behavior (overflows).

This should be added to the spec.

Diffstat:
Msrc/blocks.c | 7++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/blocks.c b/src/blocks.c
@@ -400,11 +400,16 @@ static bufsize_t parse_list_marker(cmark_chunk *input, bufsize_t pos, cmark_list
 		}
 	} else if (cmark_isdigit(c)) {
 		int start = 0;
+		int digits = 0;
 
 		do {
 			start = (10 * start) + (peek_at(input, pos) - '0');
 			pos++;
-		} while (cmark_isdigit(peek_at(input, pos)));
+			digits++;
+			// We limit to 9 digits to avoid overflow,
+			// assuming max int is 2^31 - 1
+			// This also seems to be the limit for 'start' in some browsers.
+		} while (digits < 9 && cmark_isdigit(peek_at(input, pos)));
 
 		c = peek_at(input, pos);
 		if (c == '.' || c == ')') {
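Review bot: The loop condition `digits < 9` and its comment allow nine digits, while the commit subject says 8; one of the two should be corrected so the documented limit matches the code. Nine digits (at most 999999999) avoids signed overflow only under the assumption the comment states, that `int` is at least 32 bits, and nothing enforces it. Naming the bound, e.g. `#define MAX_LIST_START_DIGITS 9`, and adding a compile-time check against `INT_MAX` would keep the guard from silently breaking on a narrower `int`. When a tenth digit follows, it is left unconsumed and the `c == '.' || c == ')'` test fails; the fallback path is outside the hunk, so a test with a 10-digit marker would confirm that such input is rejected as a list marker rather than mis-parsed. parse_list_marker starts and ends outside the hunk.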