Andreas/markdownlint
1
0
Fork 0
mirror of https://github.com/DavidAnson/markdownlint.git synced 2025-12-16 22:10:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Update helpers.inlineCommentRe to fix an instance of "Polynomial regular expression used on uncontrolled data".

Browse source
This commit is contained in:
David Anson 2022-02-12 17:46:46 -08:00
parent 1c89dd5776
commit f46ee0732f
3 changed files with 32 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

28
demo/markdownlint-browser.js
View file

@ -38,11 +38,11 @@ module.exports.newLineRe = newLineRe;
module.exports.frontMatterRe =
// eslint-disable-next-line max-len
/((^---\s*$[^]*?^---\s*$)|(^\+\+\+\s*$[^]*?^(\+\+\+|\.\.\.)\s*$)|(^\{\s*$[^]*?^\}\s*$))(\r\n|\r|\n|$)/m;
// Regular expression for matching inline disable/enable comments
var inlineCommentRe =
// Regular expression for matching the start of inline disable/enable comments
var inlineCommentStartRe =
// eslint-disable-next-line max-len
/<!--\s*markdownlint-(?:(?:(disable|enable|capture|restore|disable-file|enable-file|disable-next-line)((?:\s+[a-z0-9_-]+)*))|(?:(configure-file)\s+([\s\S]*?)))\s*-->/ig;
module.exports.inlineCommentRe = inlineCommentRe;
/(<!--\s*markdownlint-(disable|enable|capture|restore|disable-file|enable-file|disable-next-line|configure-file))(?:\s|-->)/ig;
module.exports.inlineCommentStartRe = inlineCommentStartRe;
// Regular expressions for range matching
module.exports.bareUrlRe = /(?:http|ftp)s?:\/\/[^\s\]"']*(?:\/|[^\s\]"'\W])/ig;
module.exports.listItemMarkerRe = /^([\s>]*)(?:[*+-]|\d+[.)])\s+/;
@ -176,9 +176,9 @@ module.exports.clearHtmlCommentText = function clearHtmlCommentText(text) {
if (isValid) {
var inlineCommentIndex = text
.slice(i, j + htmlCommentEnd.length)
.search(inlineCommentRe);
.search(inlineCommentStartRe);
// If not a markdownlint inline directive...
if (inlineCommentIndex === -1) {
if (inlineCommentIndex !== 0) {
text =
text.slice(0, i + htmlCommentBegin.length) +
content.replace(/[^\r\n]/g, ".") +
@ -1303,9 +1303,14 @@ function getEnabledRulesPerLineNumber(ruleList, lines, frontMatterLines, noInlin
input.forEach(function (line, lineIndex) {
if (!noInlineConfig) {
var match = null;
while ((match = helpers.inlineCommentRe.exec(line))) {
var action = (match[1] || match[3]).toUpperCase();
var parameter = match[2] || match[4];
while ((match = helpers.inlineCommentStartRe.exec(line))) {
var action = match[2].toUpperCase();
var startIndex = match.index + match[1].length;
var endIndex = line.indexOf("-->", startIndex);
if (endIndex === -1) {
break;
}
var parameter = line.slice(startIndex, endIndex);
forEachMatch(action, parameter, lineIndex + 1);
}
}
@ -1330,9 +1335,8 @@ function getEnabledRulesPerLineNumber(ruleList, lines, frontMatterLines, noInlin
function applyEnableDisable(action, parameter, state) {
state = __assign({}, state);
var enabled = (action.startsWith("ENABLE"));
var items = parameter ?
parameter.trim().toUpperCase().split(/\s+/) :
allRuleNames;
var trimmed = parameter && parameter.trim();
var items = trimmed ? trimmed.toUpperCase().split(/\s+/) : allRuleNames;
items.forEach(function (nameUpper) {
(aliasToRuleNames[nameUpper] || []).forEach(function (ruleName) {
state[ruleName] = enabled;

12
helpers/helpers.js
View file

@ -12,11 +12,11 @@ module.exports.frontMatterRe =
// eslint-disable-next-line max-len
/((^---\s*$[^]*?^---\s*$)|(^\+\+\+\s*$[^]*?^(\+\+\+|\.\.\.)\s*$)|(^\{\s*$[^]*?^\}\s*$))(\r\n|\r|\n|$)/m;
// Regular expression for matching inline disable/enable comments
const inlineCommentRe =
// Regular expression for matching the start of inline disable/enable comments
const inlineCommentStartRe =
// eslint-disable-next-line max-len
/<!--\s*markdownlint-(?:(?:(disable|enable|capture|restore|disable-file|enable-file|disable-next-line)((?:\s+[a-z0-9_-]+)*))|(?:(configure-file)\s+([\s\S]*?)))\s*-->/ig;
module.exports.inlineCommentRe = inlineCommentRe;
/(<!--\s*markdownlint-(disable|enable|capture|restore|disable-file|enable-file|disable-next-line|configure-file))(?:\s|-->)/ig;
module.exports.inlineCommentStartRe = inlineCommentStartRe;
// Regular expressions for range matching
module.exports.bareUrlRe = /(?:http|ftp)s?:\/\/[^\s\]"']*(?:\/|[^\s\]"'\W])/ig;
@ -163,9 +163,9 @@ module.exports.clearHtmlCommentText = function clearHtmlCommentText(text) {
if (isValid) {
const inlineCommentIndex = text
.slice(i, j + htmlCommentEnd.length)
.search(inlineCommentRe);
.search(inlineCommentStartRe);
// If not a markdownlint inline directive...
if (inlineCommentIndex === -1) {
if (inlineCommentIndex !== 0) {
text =
text.slice(0, i + htmlCommentBegin.length) +
content.replace(/[^\r\n]/g, ".") +

16
lib/markdownlint.js
View file

@ -346,9 +346,14 @@ function getEnabledRulesPerLineNumber(
input.forEach((line, lineIndex) => {
if (!noInlineConfig) {
let match = null;
while ((match = helpers.inlineCommentRe.exec(line))) {
const action = (match[1] || match[3]).toUpperCase();
const parameter = match[2] || match[4];
while ((match = helpers.inlineCommentStartRe.exec(line))) {
const action = match[2].toUpperCase();
const startIndex = match.index + match[1].length;
const endIndex = line.indexOf("-->", startIndex);
if (endIndex === -1) {
break;
}
const parameter = line.slice(startIndex, endIndex);
forEachMatch(action, parameter, lineIndex + 1);
}
}
@ -375,9 +380,8 @@ function getEnabledRulesPerLineNumber(
function applyEnableDisable(action, parameter, state) {
state = { ...state };
const enabled = (action.startsWith("ENABLE"));
const items = parameter ?
parameter.trim().toUpperCase().split(/\s+/) :
allRuleNames;
const trimmed = parameter && parameter.trim();
const items = trimmed ? trimmed.toUpperCase().split(/\s+/) : allRuleNames;
items.forEach((nameUpper) => {
(aliasToRuleNames[nameUpper] || []).forEach((ruleName) => {
state[ruleName] = enabled;