test: more setext-underline variants of to_html.rs:197 panic (GH-22)#210
Open
ChristianMurphy wants to merge 1 commit intowooorm:test/link-headingfrom
Open
test: more setext-underline variants of to_html.rs:197 panic (GH-22)#210ChristianMurphy wants to merge 1 commit intowooorm:test/link-headingfrom
to_html.rs:197 panic (GH-22)#210ChristianMurphy wants to merge 1 commit intowooorm:test/link-headingfrom
Conversation
…mGH-22) Adds 3 input-shape variants of the buffer-stack-underflow panic at `src/to_html.rs:197` ("at least one buffer should exist") that this PR already covers with `[:]:a\n-\na\n-` and `a\n-\n--\na\n-`. All three new shapes panic at the same site in 1.0.0 release; the panic is not sensitive to the specific characters or attention markers around the setext underlines: * `x\n=\n=\nx\n=\n` (10B) — the smallest reproducer from a fuzzing campaign; alternating paragraph + underline + underline + paragraph + underline. * `Foo *bar*\n=========\n---------\nr*\n=========\n--------` — setext underlines mixed with `*…*` attention runs across multiple blocks; confirms attention parsing isn't load-bearing for the panic. * `a\n-\n--\na\n-` with `Options::gfm()` — same shape as case 2 of this PR but with GFM options; confirms the panic is not gated on default options and is reachable from any preset that goes through the same compile path. Verified to fail against `markdown = "=1.0.0"` in release. Use the weaker `matches!(_, Ok(_))` assertion since the spec-correct HTML output for these inputs is not load-bearing for what this test demonstrates — only that the call returns rather than panics. Found via in-tree fuzzing campaign. Related-to: wooormGH-22.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds 3 input-shape variants of the buffer-stack-underflow panic at
src/to_html.rs:197("at least one buffer should exist") that this PR already covers with[:]:a\n-\na\n-anda\n-\n--\na\n-. All three new shapes panic at the same site in 1.0.0 release; the panic is not sensitive to the specific characters or attention markers around the setext underlines:x\n=\n=\nx\n=\n(10B) — the smallest reproducer from a fuzzing campaign; alternating paragraph + underline + underline + paragraph + underline.Foo *bar*\n=========\n---------\nr*\n=========\n--------— setext underlines mixed with*…*attention runs across multiple blocks; confirms attention parsing isn't load-bearing for the panic.a\n-\n--\na\n-withOptions::gfm()— same shape as case 2 of this PR but with GFM options; confirms the panic is not gated on default options and is reachable from any preset that goes through the same compile path.Verified to fail against
markdown = "=1.0.0"in release. Use the weakermatches!(_, Ok(_))assertion since the spec-correct HTML output for these inputs is not load-bearing for what this test demonstrates, only that the call returns rather than panics.Found via in-tree fuzzing campaign.
Related-to: GH-22.