corazawaf
fix: inline tag closing check when reading attribute name to prevent deep recursion
There is a recursion loop between stateSelfClosingStartTag and stateSelfClosingStartTag which in the worst case consumes 2 stack frames per input character.
We avoid this recursion by manual implementing tail call optimization (TCO) which a go compiler does not do automatically.
Also add a unit test to reproduce the problem in the first place.
This fixes #16
Codecov Report
Patch coverage: 85.00% and project coverage change: -0.11 :warning:
Comparison is base (
b624886) 90.21% compared to head (2247793) 90.11%.
Additional details and impacted files
@@ Coverage Diff @@
## master #17 +/- ##
==========================================
- Coverage 90.21% 90.11% -0.11%
==========================================
Files 8 8
Lines 1523 1527 +4
==========================================
+ Hits 1374 1376 +2
- Misses 128 130 +2
Partials 21 21
| Impacted Files | Coverage Δ | |
|---|---|---|
| html5.go | 87.73% <85.00%> (-0.36%) |
:arrow_down: |
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
There is a sister PR here https://github.com/libinjection/libinjection/pull/36
Kudos, SonarCloud Quality Gate passed! 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
0.0% Duplication
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
I have pushed a commit which I think makes this more idiomatic to Go and readable for future authors, TCO is a feature of compilers, not of code.
@jcchavezs This repo needs to migrate to our standard tooling. Can we create a magefiles repo in the org to not copy-paste?
And yeah, IMO the long term refactor seems to be to make sure there is only one top-level processing loop where state transitions happen, rather than happen state transitions and iteration to happen piecemeal within different functions.
Yeah we can create standard magefiles inside corazawaf. At least for lint, test, format, tidy this should do the trick.
On Mon, 27 Mar 2023, 03:21 Anuraag Agrawal, @.***> wrote:
And yeah, IMO the long term refactor seems to be to make sure there is only one top-level processing loop where state transitions happen, rather than happen state transitions and iteration to happen piecemeal within different functions.
— Reply to this email directly, view it on GitHub https://github.com/corazawaf/libinjection-go/pull/17#issuecomment-1484328670, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXOYAW5DJPGKUCERRO7233W6DTR7ANCNFSM6AAAAAAWHBVQNI . You are receiving this because you were mentioned.Message ID: @.***>
@anuraaga @jcchavezs what is the state of this change? are we pushing this one and then doing a better change?
