diet-ng 1.8.3: source/diet/internal/html.d:185: data modification (truncation) in filterHTMLEscape?
kdevel
kdevel at vogtner.de
Sun Apr 27 21:01:02 UTC 2025
The actual modification happens in the line marked as `(1)`. But
this is not the location of the root cause.
The variable `ch` is of type `dchar`. Does anybody see the
problem?
```d
switch (ch) {
default:
if (flags & HTMLEscapeFlags.escapeUnknown) {
dst.put("&#");
dst.put(to!string(cast(uint)ch));
dst.put(';');
} else dst.put(ch);
break;
case '"':
if (flags & HTMLEscapeFlags.escapeQuotes) dst.put(""");
else dst.put('"');
break;
case '\'':
if (flags & HTMLEscapeFlags.escapeQuotes) dst.put("'");
else dst.put('\'');
break;
case '\r', '\n':
if (flags & HTMLEscapeFlags.escapeNewline) {
dst.put("&#");
dst.put(to!string(cast(uint)ch));
dst.put(';');
} else dst.put(ch);
break;
case 'a': .. case 'z': goto case;
case 'A': .. case 'Z': goto case;
case '0': .. case '9': goto case;
case ' ', '\t', '-', '_', '.', ':', ',', ';',
'#', '+', '*', '?', '=', '(', ')', '/', '!',
'%' , '{', '}', '[', ']', '`', '´', '$', '^', '~':
dst.put(cast(char)ch); // <<----- (1)
break;
case '<': dst.put("<"); break;
case '>': dst.put(">"); break;
case '&': dst.put("&"); break;
}
```
[1]
https://github.com/rejectedsoftware/diet-ng/blob/master/source/diet/internal/html.d
More information about the Digitalmars-d
mailing list