mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 01:47:35 +00:00
LibWeb: Prevent OOB access in HTMLEncodingDetection for input of '</'
Previously, this never checked if `position + 2` was valid. This slightly reorders the loop so all indices are checked. Fixes #22163
This commit is contained in:
parent
3f52d6045a
commit
5e973fca0b
3 changed files with 17 additions and 4 deletions
|
@ -0,0 +1,12 @@
|
|||
Viewport <#document> at (0,0) content-size 800x600 children: not-inline
|
||||
BlockContainer <html> at (0,0) content-size 800x600 [BFC] children: not-inline
|
||||
BlockContainer <body> at (8,8) content-size 784x17.46875 children: inline
|
||||
line 0 width: 14.65625, height: 17.46875, bottom: 17.46875, baseline: 13.53125
|
||||
frag 0 from TextNode start: 0, length: 2, rect: [8,8 14.65625x17.46875]
|
||||
"</"
|
||||
TextNode <#text>
|
||||
|
||||
ViewportPaintable (Viewport<#document>) [0,0 800x600]
|
||||
PaintableWithLines (BlockContainer<HTML>) [0,0 800x600]
|
||||
PaintableWithLines (BlockContainer<BODY>) [8,8 784x17.46875]
|
||||
TextPaintable (TextNode<#text>)
|
|
@ -0,0 +1 @@
|
|||
</
|
Loading…
Add table
Add a link
Reference in a new issue