summaryrefslogtreecommitdiffstats
path: root/WebCore/loader/TextResourceDecoder.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'WebCore/loader/TextResourceDecoder.cpp')
-rw-r--r--WebCore/loader/TextResourceDecoder.cpp6
1 files changed, 4 insertions, 2 deletions
diff --git a/WebCore/loader/TextResourceDecoder.cpp b/WebCore/loader/TextResourceDecoder.cpp
index ee81326..db68441 100644
--- a/WebCore/loader/TextResourceDecoder.cpp
+++ b/WebCore/loader/TextResourceDecoder.cpp
@@ -509,11 +509,13 @@ bool TextResourceDecoder::checkForCSSCharset(const char* data, size_t len, bool&
static inline void skipComment(const char*& ptr, const char* pEnd)
{
const char* p = ptr;
+ if (p == pEnd)
+ return;
// Allow <!-->; other browsers do.
if (*p == '>') {
p++;
} else {
- while (p != pEnd) {
+ while (p + 2 < pEnd) {
if (*p == '-') {
// This is the real end of comment, "-->".
if (p[1] == '-' && p[2] == '>') {
@@ -521,7 +523,7 @@ static inline void skipComment(const char*& ptr, const char* pEnd)
break;
}
// This is the incorrect end of comment that other browsers allow, "--!>".
- if (p[1] == '-' && p[2] == '!' && p[3] == '>') {
+ if (p + 3 < pEnd && p[1] == '-' && p[2] == '!' && p[3] == '>') {
p += 4;
break;
}
generated by cgit v1.1 at 2024-09-04 10:52:49 +0000