Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #469 - parsing from buffered reader #471

Merged
merged 2 commits into from Sep 10, 2022
Merged

Fix #469 - parsing from buffered reader #471

merged 2 commits into from Sep 10, 2022

Conversation

Mingun
Copy link
Collaborator

@Mingun Mingun commented Sep 6, 2022

Fixes #469

The bug was introduced in f2b99f0.

@Mingun
Add tests for tafia#469
e052a46 
failures (8):
    reader::async_tokio::test::small_buffers::cdata1
    reader::async_tokio::test::small_buffers::cdata2
    reader::async_tokio::test::small_buffers::comment1
    reader::async_tokio::test::small_buffers::comment2
    reader::buffered_reader::test::small_buffers::cdata1
    reader::buffered_reader::test::small_buffers::cdata2
    reader::buffered_reader::test::small_buffers::comment1
    reader::buffered_reader::test::small_buffers::comment2
@Mingun
Fix incorrect reading of CDATA and comments when end sequence crosses…
75823d5 
… the boundary of chunks in buffered reader

The bug was introduced in f2b99f0
@Mingun Mingun requested a review from dralley September 6, 2022 18:03
@Mingun Mingun added the bug label Sep 6, 2022
@Mingun
Copy link
Collaborator Author

Mingun commented Sep 10, 2022

I'm going to merge this soon and release 0.25.0 with the fix

@Mingun Mingun merged commit a10b1c3 into tafia:master Sep 10, 2022
@Mingun Mingun deleted the fix-buffered-parsing branch September 10, 2022 15:03
@trinity-1686a trinity-1686a mentioned this pull request Sep 10, 2022
Merged
@tustvold tustvold mentioned this pull request Sep 10, 2022
Closed
@dralley
Copy link
Collaborator

dralley commented Sep 10, 2022

That's fine. I had a brief look at it but hadn't did a comprehensive review yet. My amount of free time varies week to week.

Some automated fuzzing would probably be effective at rooting out issues like this.

@dralley
Copy link
Collaborator

dralley commented Sep 10, 2022

It would be good to set guidelines for which bugs are severe enough to trigger a yank. I'm not sure that it was worthwhile in this case

@Mingun
Copy link
Collaborator Author

Mingun commented Sep 11, 2022

The problem in that that this bug can hide some content from reader if XML will be carefully constructed, which can have security implications. That is why I decided to yank that versions

@davidcornu davidcornu mentioned this pull request Sep 23, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dralley dralley Awaiting requested review from dralley

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Problems with reading XML from buffering reader
2 participants
@Mingun @dralley