exml:unescape_cdata sometimes does not unescape cdata

Open kzemek opened this issue 8 years ago • 0 comments

Because C's exml_unescape_cdata() is being fed with arbitrary chunks of input, if an escaped character appears on the division point (in current implementation the input is divided in 20000-byte chunks) it's not recognized as an escaped character by the C code and is thus not unescaped. This can be reproduced with the following snippet:

> Input = lists:duplicate(19999, "a") ++ "&amp;",
> binary_part(exml:unescape_cdata({xmlcdata, Input}), {19999, 5}).
<<"&amp;">>

Feb 08 '17 14:02 kzemek