File tree 1 file changed +4
-3
lines changed
1 file changed +4
-3
lines changed Original file line number Diff line number Diff line change @@ -860,12 +860,13 @@ static void traverse_for_entities(
860860 entity_end_ptr = num_start ;
861861 if (process_numeric_entity (& entity_end_ptr , & code ) == FAILURE ) {
862862 valid_entity = false;
863- } else if (!all && (code > 63U || stage3_table_be_apos_00000 [code ].data .ent .entity == NULL )) {
863+ }
864+ if (valid_entity && !all && (code > 63U || stage3_table_be_apos_00000 [code ].data .ent .entity == NULL )) {
864865 /* If we're in htmlspecialchars_decode, we're only decoding entities
865866 * that represent &, <, >, " and '. Is this one of them? */
866867 valid_entity = false;
867- } else if (!unicode_cp_is_allowed (code , doctype ) ||
868- (doctype == ENT_HTML_DOC_HTML5 && code == 0x0D )) {
868+ } else if (valid_entity && ( !unicode_cp_is_allowed (code , doctype ) ||
869+ (doctype == ENT_HTML_DOC_HTML5 && code == 0x0D ))) {
869870 /* are we allowed to decode this entity in this document type?
870871 * HTML 5 is the only that has a character that cannot be used in
871872 * a numeric entity but is allowed literally (U+000D). The
You can’t perform that action at this time.
0 commit comments