From 7b35d4bdc5e514ded03c0f0012983fe315a3aaf4 Mon Sep 17 00:00:00 2001
From: John MacFarlane <jgm@berkeley.edu>
Date: Mon, 11 Nov 2019 12:55:33 -0800
Subject: Cleaner approach to max digits for numeric entities.

This modifies unescaping in houdini_html_u.c rather than
the entity handling in inlines.c.  Unlike the other,
this approach works also in e.g. link titles.
---
 src/houdini_html_u.c | 6 +++++-
 src/inlines.c        | 7 +------
 2 files changed, 6 insertions(+), 7 deletions(-)

(limited to 'src')

diff --git a/src/houdini_html_u.c b/src/houdini_html_u.c
index 30d08aa..ce57ea1 100644
--- a/src/houdini_html_u.c
+++ b/src/houdini_html_u.c
@@ -42,6 +42,7 @@ bufsize_t houdini_unescape_ent(cmark_strbuf *ob, const uint8_t *src,
   if (size >= 3 && src[0] == '#') {
     int codepoint = 0;
     int num_digits = 0;
+    int max_digits = 7;
 
     if (_isdigit(src[1])) {
       for (i = 1; i < size && _isdigit(src[i]); ++i) {
@@ -55,6 +56,7 @@ bufsize_t houdini_unescape_ent(cmark_strbuf *ob, const uint8_t *src,
       }
 
       num_digits = i - 1;
+      max_digits = 7;
     }
 
     else if (src[1] == 'x' || src[1] == 'X') {
@@ -69,9 +71,11 @@ bufsize_t houdini_unescape_ent(cmark_strbuf *ob, const uint8_t *src,
       }
 
       num_digits = i - 2;
+      max_digits = 6;
     }
 
-    if (num_digits >= 1 && num_digits <= 8 && i < size && src[i] == ';') {
+    if (num_digits >= 1 && num_digits <= max_digits &&
+		    i < size && src[i] == ';') {
       if (codepoint == 0 || (codepoint >= 0xD800 && codepoint < 0xE000) ||
           codepoint >= 0x110000) {
         codepoint = 0xFFFD;
diff --git a/src/inlines.c b/src/inlines.c
index 263a39b..6b77311 100644
--- a/src/inlines.c
+++ b/src/inlines.c
@@ -784,18 +784,13 @@ static cmark_node *handle_backslash(subject *subj) {
 static cmark_node *handle_entity(subject *subj) {
   cmark_strbuf ent = CMARK_BUF_INIT(subj->mem);
   bufsize_t len;
-  int length_limit = 256;
 
   advance(subj);
 
   len = houdini_unescape_ent(&ent, subj->input.data + subj->pos,
                              subj->input.len - subj->pos);
 
-  if (peek_char(subj) == '#') {
-     length_limit = 9; // includes #, optional x for hex, and ;
-  }
-
-  if (len <= 0 || len > length_limit)
+  if (len <= 0)
     return make_str(subj, subj->pos - 1, subj->pos - 1, cmark_chunk_literal("&"));
 
   subj->pos += len;
-- 
cgit v1.2.3