kotovalexarian-likes-github/haml--haml
1
0
Fork 0
mirror of https://github.com/haml/haml.git synced 2022-11-09 12:33:31 -05:00
Code Releases Activity

Attribute keys might contain a NUL character

Browse source 
Also, I'm not sure RSTRING_PTR() always returns a NUL-terminated string
or not.
This commit is contained in:
Kohei Suzuki 2015-12-14 01:28:05 +09:00
parent bb85aa7c83
commit 2c564d9c99
2 changed files with 13 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
ext/hamlit/hamlit.c
View file

@ -29,9 +29,9 @@ delete_falsey_values(VALUE values)
} }
static int static int
str_eq(VALUE str, const char *cstr) str_eq(VALUE str, const char *cstr, long n)
{ {
return strcmp(RSTRING_PTR(str), cstr) == 0; return RSTRING_LEN(str) == n && memcmp(RSTRING_PTR(str), cstr, n) == 0;
} }
static VALUE static VALUE
@ -303,7 +303,7 @@ merge_all_attrs_i(VALUE key, VALUE value, VALUE merged)
VALUE array; VALUE array;
key = to_s(key); key = to_s(key);
if (str_eq(key, "id") || str_eq(key, "class") || str_eq(key, "data")) { if (str_eq(key, "id", 2) || str_eq(key, "class", 5) || str_eq(key, "data", 4)) {
array = rb_hash_aref(merged, key); array = rb_hash_aref(merged, key);
if (NIL_P(array)) { if (NIL_P(array)) {
array = rb_ary_new2(1); array = rb_ary_new2(1);
@ -333,7 +333,7 @@ int
is_boolean_attribute(VALUE key) is_boolean_attribute(VALUE key)
{ {
VALUE boolean_attributes; VALUE boolean_attributes;
if (str_eq(rb_str_substr(key, 0, 5), "data-")) return 1; if (str_eq(rb_str_substr(key, 0, 5), "data-", 5)) return 1;
boolean_attributes = rb_const_get(mAttributeBuilder, id_boolean_attributes); boolean_attributes = rb_const_get(mAttributeBuilder, id_boolean_attributes);
return RTEST(rb_ary_includes(boolean_attributes, key)); return RTEST(rb_ary_includes(boolean_attributes, key));
@ -412,11 +412,11 @@ hamlit_build(VALUE escape_attrs, VALUE quote, VALUE format, VALUE object_ref, VA
for (i = 0; i < RARRAY_LEN(keys); i++) { for (i = 0; i < RARRAY_LEN(keys); i++) {
key = rb_ary_entry(keys, i); key = rb_ary_entry(keys, i);
value = rb_hash_aref(attrs, key); value = rb_hash_aref(attrs, key);
if (str_eq(key, "id")) { if (str_eq(key, "id", 2)) {
hamlit_build_for_id(escape_attrs, quote, buf, value); hamlit_build_for_id(escape_attrs, quote, buf, value);
} else if (str_eq(key, "class")) { } else if (str_eq(key, "class", 5)) {
hamlit_build_for_class(escape_attrs, quote, buf, value); hamlit_build_for_class(escape_attrs, quote, buf, value);
} else if (str_eq(key, "data")) { } else if (str_eq(key, "data", 4)) {
hamlit_build_for_data(escape_attrs, quote, buf, value); hamlit_build_for_data(escape_attrs, quote, buf, value);
} else if (is_boolean_attribute(key)) { } else if (is_boolean_attribute(key)) {
hamlit_build_for_boolean(escape_attrs, quote, format, buf, key, value); hamlit_build_for_boolean(escape_attrs, quote, format, buf, key, value);

6
test/hamlit/engine/attributes_test.rb
View file

@ -218,6 +218,12 @@ describe Hamlit::Engine do
%div{ h1, h2 } %div{ h1, h2 }
HAML HAML
end end
it do
assert_haml(<<-'HAML'.unindent)
- h = { "class\0with null" => 'is not class' }
%div{ h }
HAML
end
end end
describe 'incompatibility' do describe 'incompatibility' do