Skip to content

Commit 08b1da9

Browse files
alexandre-dauboisalexandre-daubois
committed
[Yaml] Fixed infinite loop when parser goes through an additional and invalid closing tag
Instead of letting the parser goes in an infinite loop, throw an exception when the additional and invalid is found
1 parent 3b1948f commit 08b1da9

File tree

2 files changed

+23
-0
lines changed

2 files changed

+23
-0
lines changed

src/Symfony/Component/Yaml/Parser.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1225,6 +1225,10 @@ private function lexUnquotedString(int &$cursor): string
12251225
$offset = $cursor;
12261226
$cursor += strcspn($this->currentLine, '[]{},: ', $cursor);
12271227

1228+
if ($cursor === $offset) {
1229+
throw new ParseException('Malformed unquoted YAML string');
1230+
}
1231+
12281232
return substr($this->currentLine, $offset, $cursor - $offset);
12291233
}
12301234

src/Symfony/Component/Yaml/Tests/ParserTest.php

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2676,6 +2676,25 @@ public function testParseValueWithNegativeModifiers()
26762676
);
26772677
}
26782678

2679+
public function testThrowExceptionIfInvalidAdditionalClosingTagOccurs()
2680+
{
2681+
$yaml = '{
2682+
"object": {
2683+
"array": [
2684+
"a",
2685+
"b",
2686+
"c"
2687+
]
2688+
],
2689+
}
2690+
}';
2691+
2692+
$this->expectException(ParseException::class);
2693+
$this->expectExceptionMessage('Malformed unquoted YAML string at line 8 (near " ],")');
2694+
2695+
$this->parser->parse($yaml);
2696+
}
2697+
26792698
public function testWhitespaceAtEndOfLine()
26802699
{
26812700
$yaml = "\nfoo:\n arguments: [ '@bar' ] \n";

0 commit comments

Comments
 (0)