diff options
author | John MacFarlane <jgm@berkeley.edu> | 2019-03-17 22:43:38 -0700 |
---|---|---|
committer | John MacFarlane <jgm@berkeley.edu> | 2019-03-17 22:43:38 -0700 |
commit | 325a1471d2a32bcc1e2d2580b973ff4ba1df85e8 (patch) | |
tree | 94c5f59aee2756009cbc87f8c65c73bca41a3b67 /test/cmark-fuzz.c | |
parent | ca8ef74a8d50fbd76fb0d22fb110e660ef9944a4 (diff) |
Make rendering safe by default.
Removes CMARK_OPT_SAFE from options.
Adds CMARK_OPT_UNSAFE, with the opposite meaning.
The new default behavior is to suppress raw HTML and
potentially dangerous links. The CMARK_OPT_UNSAFE
option has to be set explicitly to prevent this.
--------------------------------------------------------
NOTE: This change will require modifications in
bindings for cmark and in most libraries and programs
that use cmark.
--------------------------------------------------------
Closes #239, #273.
Borrows heavily from @kivikakk's patch in github/cmark-gfm#123.
Diffstat (limited to 'test/cmark-fuzz.c')
-rw-r--r-- | test/cmark-fuzz.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/cmark-fuzz.c b/test/cmark-fuzz.c index 9bdd3a5..02c05bc 100644 --- a/test/cmark-fuzz.c +++ b/test/cmark-fuzz.c @@ -13,7 +13,7 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { memcpy(&fuzz_config, data, sizeof(fuzz_config)); /* Mask off valid option bits */ - fuzz_config.options &= (CMARK_OPT_SOURCEPOS | CMARK_OPT_HARDBREAKS | CMARK_OPT_SAFE | CMARK_OPT_NOBREAKS | CMARK_OPT_NORMALIZE | CMARK_OPT_VALIDATE_UTF8 | CMARK_OPT_SMART); + fuzz_config.options &= (CMARK_OPT_SOURCEPOS | CMARK_OPT_HARDBREAKS | CMARK_OPT_UNSAFE | CMARK_OPT_NOBREAKS | CMARK_OPT_NORMALIZE | CMARK_OPT_VALIDATE_UTF8 | CMARK_OPT_SMART); /* Remainder of input is the markdown */ const char *markdown = (const char *)(data + sizeof(fuzz_config)); |