ejs icon indicating copy to clipboard operation
ejs copied to clipboard

Published 20 hours ago verified publisher icon tj

Fixed infinite loop problem in parse for unescaped ejs

Open niklabh opened this issue 11 years ago • 1 comments
trafficstars

This code will run in an infinite loop eventually taking all memory and killing the node process (Allocation failed - process out of memory):

var ejs = require('ejs');
var ejsOpts = {
  open: '{{',
  close: '}}'
};
var template = " {{=nik }";
console.log("start");
var compiled = ejs.compile(template, ejsOpts);
console.log("compiled", compiled);

The problem is at file lib/ejs.js line 144,173 (prase function) end becomes -1 and i(loop counter) always getting set to 1, and the for loop never ends.

This fix solves it because now ejs will throw an error when template being compiled is unescaped rather than going into infinite loop.

niklabh avatar Feb 05 '14 11:02 niklabh

Was just about to submit an issue for this. I made a stupid typo and hit this, reduced code:

ejs = require('ejs')
s = '<h1>oops</h1> <%- foo ->'
ejs.compile(s)

Confirm that the fix works.

@niklabh Might be worth adding a test for this.

samsonjs avatar Feb 15 '14 20:02 samsonjs