If the size of the content parsed by StringScanner to parse huge XML …

…exceeds a certain size, have it removed.

See: #150

lib/rexml/parsers/baseparser.rb

@@ -204,6 +204,8 @@ def peek depth=0
 
       # Returns the next event.  This is a +PullEvent+ object.
       def pull
+        @source.drop_parsed_content
+
         pull_event.tap do |event|
           @listeners.each do |listener|
             listener.receive event

lib/rexml/source.rb

@@ -55,6 +55,7 @@ class Source
     attr_reader :encoding
 
     module Private
+      SCANNER_RESET_SIZE = 100000
       PRE_DEFINED_TERM_PATTERNS = {}
       pre_defined_terms = ["'", '"', "<"]
       pre_defined_terms.each do |term|
@@ -84,6 +85,12 @@ def buffer
       @scanner.rest
     end
 
+    def drop_parsed_content
+      if @scanner.pos > SCANNER_RESET_SIZE
+        @scanner.string = @scanner.rest
+      end
+    end
+
     def buffer_encoding=(encoding)
       @scanner.string.force_encoding(encoding)
     end

test/test_baseparser.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: false
+
+require 'rexml/parsers/baseparser'
+
+module REXMLTests
+  class BaseParserTester < Test::Unit::TestCase
+    include REXML
+
+    N_ELEMENTS = 100
+    N_STRING = 'a' * 50000
+    def build_xml(n_elements)
+      xml = '<?xml version="1.0"?><root>'
+
+      n_elements.times do |i|
+        xml << '<child >'
+        xml <<  N_STRING
+        xml <<  '</child>'
+      end
+      xml << '</root>'
+    end
+
+    def test_parse_large_xml
+      xml = build_xml(N_ELEMENTS)
+      parser = REXML::Parsers::BaseParser.new(xml)
+      while parser.has_next?
+        parser.pull
+        assert_compare REXML::Source::SCANNER_RESET_SIZE + N_STRING.size, ">", parser.position
+      end
+    end
+  end
+end