htmlpurifier-html5

Catastrophic backtracking

Open bytestream opened this issue 1 year ago • 1 comments

The comment regex in https://github.com/xemlock/htmlpurifier-html5/blob/master/library/HTMLPurifier/Lexer/HTML5.php#L57 can cause catastrophic backtracking. The result is preg_replace_callback returns null.

Workaround is to increase pcre.backtrack_limit. However, I think it would be better if the error handling in this function is improved to account for when preg_replace_callback returns null. I expect that it would just skip that comment regex functionality in that case.

bytestream Jul 15 '24 12:07

Changing the regex to <!--([^>]*)(-->|\z) also fixes the backtracking issue.

bytestream Jul 15 '24 13:07
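
The error handling proposed in the issue, sketched as an added example (this is not code from htmlpurifier-html5 or from the issue author): a wrapper that treats a null return from preg_replace_callback as "skip this rewrite" and exposes preg_last_error() to the caller. The helper name `replaceOrSkip`, the callback, the lazy pattern and the input are constructed for illustration, and `pcre.jit` / `pcre.backtrack_limit` are lowered only to make the failure reproducible; the second pattern is the one quoted in the thread.

```php
<?php
// Added example; not code from htmlpurifier-html5.

/**
 * Hypothetical helper: apply a regex rewrite, but if PCRE fails (null return)
 * keep the input unchanged and report the error code to the caller.
 */
function replaceOrSkip(string $pattern, callable $cb, string $html, ?int &$error = null): string
{
    $result = preg_replace_callback($pattern, $cb, $html);
    $error  = preg_last_error();
    if ($result === null) {
        // PCRE gave up (e.g. PREG_BACKTRACK_LIMIT_ERROR): skip this rewrite
        // rather than passing null on as if it were the document.
        return $html;
    }
    return $result;
}

// Make the failure reproducible for the demo only (assumed settings).
ini_set('pcre.jit', '0');
ini_set('pcre.backtrack_limit', '1000');

// Constructed input: one unterminated comment with a long body.
$html = '<p>ok</p><!--' . str_repeat('a', 50000);

// Hypothetical callback: re-emit the comment with a normalised terminator.
$cb = function (array $m): string {
    return '<!--' . $m[1] . '-->';
};

$patterns = [
    'constructed lazy pattern' => '/<!--(.*?)(-->|\z)/s',
    'pattern from the issue'   => '/<!--([^>]*)(-->|\z)/',
];

foreach ($patterns as $label => $pattern) {
    $out = replaceOrSkip($pattern, $cb, $html, $err);
    printf(
        "%s: error=%s, skipped=%s, output length=%d\n",
        $label,
        $err === PREG_BACKTRACK_LIMIT_ERROR ? 'PREG_BACKTRACK_LIMIT_ERROR' : (string) $err,
        $out === $html ? 'yes' : 'no',
        strlen($out)
    );
}
```

A caller that sanitises untrusted HTML should log the reported error code, since a skipped rewrite means the markup reached the next stage without this normalisation.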