May 25, 2008
9:28 p.m.
Justus wrote:
Jorge Arellano Cid wrote:
The problem of being robust when parsing garbage or malicious code needs a general strategy.
Certainly testing flags all the time is very inadequate when the spec has it as, for example, <!ELEMENT SELECT - - (OPTGROUP|OPTION)+ -- option selector --> (i.e., don't put anything in a select except optgroup or option)...
In case these bug reports are useful at this point, here is another one:
In file html.cc, function Html_tag_close_select:
int size = input->select->options->size ();
fails since input->select is NULL. The html fragment that triggers this fault is attached.
..but since flags are what there is at the moment, here's a patch.