Merge pull request tj#159 from visionmedia/ejs and add test

jtsay362 · jtsay362 · commit 3d0d99131c87 · 2014-03-13T23:36:14.000-07:00
Original commit message: Fixed infinite loop problem in parse for unescaped ejs
diff --git a/ejs.js b/ejs.js
@@ -193,8 +193,13 @@ var parse = exports.parse = function(str, options){
           postfix = "; buf.push('";
       }
 
-      var end = str.indexOf(close, i)
-        , js = str.substring(i, end)
+      var end = str.indexOf(close, i);
+
+      if (end < 0){
+        throw new SyntaxError('Could not find matching close tag "' + close + '".');
+      }
+
+      var js = str.substring(i, end)
         , start = i
         , include = null
         , n = 0;
diff --git a/ejs.min.js b/ejs.min.js
diff --git a/lib/ejs.js b/lib/ejs.js
@@ -142,8 +142,13 @@ var parse = exports.parse = function(str, options){
           postfix = "; buf.push('";
       }
 
-      var end = str.indexOf(close, i)
-        , js = str.substring(i, end)
+      var end = str.indexOf(close, i);
+
+      if (end < 0){
+        throw new SyntaxError('Could not find matching close tag "' + close + '".');
+      }
+
+      var js = str.substring(i, end)
         , start = i
         , include = null
         , n = 0;
diff --git a/test/ejs.js b/test/ejs.js
@@ -140,6 +140,15 @@ describe('<%-', function(){
     ejs.render('<%- name %>', { name: '<script>' })
       .should.equal('<script>');
   })
+
+  it('should terminate gracefully if no close tag is found', function(){
+    try {
+      ejs.compile('<h1>oops</h1><%- name ->')
+      throw new Error('Expected parse failure');
+    } catch (err) {
+      err.message.should.equal('Could not find matching close tag "%>".');      
+    }      
+  })
 })
 
 describe('%>', function(){
