java-diff-utils
diff --git a/‎java-diff-utils/src/main/java/com/github/difflib/unifieddiff/UnifiedDiffReader.java
Lines changed: 11 additions & 4 deletions b/‎java-diff-utils/src/main/java/com/github/difflib/unifieddiff/UnifiedDiffReader.java
Lines changed: 11 additions & 4 deletions
diff --git a/‎java-diff-utils/src/test/java/com/github/difflib/unifieddiff/UnifiedDiffReaderTest.java
Lines changed: 33 additions & 1 deletion b/‎java-diff-utils/src/test/java/com/github/difflib/unifieddiff/UnifiedDiffReaderTest.java
Lines changed: 33 additions & 1 deletion
diff --git a/‎java-diff-utils/src/test/resources/com/github/difflib/unifieddiff/problem_diff_issue107_3.diff
Lines changed: 24 additions & 0 deletions b/‎java-diff-utils/src/test/resources/com/github/difflib/unifieddiff/problem_diff_issue107_3.diff
Lines changed: 24 additions & 0 deletions
@@ -106,6 +106,8 @@ private UnifiedDiff parse() throws IOException, UnifiedDiffParserException {
             if (line != null) {
                 processLine(line, CHUNK);
                 while ((line = READER.readLine()) != null) {
+                    line = checkForNoNewLineAtTheEndOfTheFile(line);
+                    
                     if (!processLine(line, LINE_NORMAL, LINE_ADD, LINE_DEL)) {
                         throw new UnifiedDiffParserException("expected data line not found");
                     }
@@ -118,10 +120,7 @@ private UnifiedDiff parse() throws IOException, UnifiedDiffParserException {
                 }
                 line = READER.readLine();
 
-                if ("\\ No newline at end of file".equals(line)) {
-                    actualFile.setNoNewLineAtTheEndOfTheFile(true);
-                    line = READER.readLine();
-                }
+                line = checkForNoNewLineAtTheEndOfTheFile(line);
             }
             if (line == null || (line.startsWith("--") && !line.startsWith("---"))) {
                 break;
@@ -142,6 +141,14 @@ private UnifiedDiff parse() throws IOException, UnifiedDiffParserException {
         return data;
     }
 
+    private String checkForNoNewLineAtTheEndOfTheFile(String line) throws IOException {
+        if ("\\ No newline at end of file".equals(line)) {
+            actualFile.setNoNewLineAtTheEndOfTheFile(true);
+            return READER.readLine();
+        }
+        return line;
+    }
+
     static String[] parseFileNames(String line) {
         String[] split = line.split(" ");
         return new String[]{
 
@@ -277,12 +277,44 @@ public void testParseIssue107_2() throws IOException {
 
         assertThat(diff.getFiles().size()).isEqualTo(2);
 
-        final UnifiedDiffFile file = diff.getFiles().get(0);
         UnifiedDiffFile file1 = diff.getFiles().get(0);
         assertThat(file1.getFromFile()).isEqualTo("Main.java");
         assertThat(file1.getPatch().getDeltas().size()).isEqualTo(1);
 
     }
+    
+    @Test
+    public void testParseIssue107_3() throws IOException {
+        UnifiedDiff diff = UnifiedDiffReader.parseUnifiedDiff(
+                UnifiedDiffReaderTest.class.getResourceAsStream("problem_diff_issue107_3.diff"));
+
+        assertThat(diff.getFiles().size()).isEqualTo(1);
+
+        UnifiedDiffFile file1 = diff.getFiles().get(0);
+        assertThat(file1.getFromFile()).isEqualTo("Billion laughs attack.md");
+        assertThat(file1.getPatch().getDeltas().size()).isEqualTo(1);
+
+    }
+    
+    @Test
+    public void testParseIssue107_4() throws IOException {
+        UnifiedDiff diff = UnifiedDiffReader.parseUnifiedDiff(
+                UnifiedDiffReaderTest.class.getResourceAsStream("problem_diff_issue107_4.diff"));
+
+        assertThat(diff.getFiles().size()).isEqualTo(27);
+
+        assertThat(diff.getFiles()).extracting(f -> f.getFromFile()).contains("README.md");
+    }
+    
+    @Test
+    public void testParseIssue107_5() throws IOException {
+        UnifiedDiff diff = UnifiedDiffReader.parseUnifiedDiff(
+                UnifiedDiffReaderTest.class.getResourceAsStream("problem_diff_issue107_5.diff"));
+
+        assertThat(diff.getFiles().size()).isEqualTo(22);
+
+        assertThat(diff.getFiles()).extracting(f -> f.getFromFile()).contains("rt/management/src/test/java/org/apache/cxf/management/jmx/MBServerConnectorFactoryTest.java");
+    }
 
     @Test
     public void testParseIssue110() throws IOException {
 
@@ -0,0 +1,24 @@
+diff -r 4d1de0a006b7 -r ace1482360cb Billion laughs attack.md
+--- a/Billion laughs attack.md	Mon Feb 24 13:37:17 2020 +0000
++++ b/Billion laughs attack.md	Mon Feb 24 14:22:50 2020 +0000
+@@ -11,14 +11,12 @@
+ 
+ *The problem is*: when you stay with the mouth open and eyes closed then they may throw trash and you get sick.
+ 
+-
+-SnakeYAML Engine [has a way to restrict the amount of aliases for collections](https://bitbucket.org/asomov/snakeyaml-engine/src/default/src/test/java/org/snakeyaml/engine/usecases/references/ReferencesTest.java) to fail early without allocation too much resources.
++SnakeYAML 1.26+ [has a way to restrict the amount of aliases for collections](https://bitbucket.org/asomov/snakeyaml/src/default/src/test/java/org/yaml/snakeyaml/issues/issue377/ReferencesTest.java) to fail early without allocation too much resources.
+ 
+ # Solution #
+ 
+-1. If the YAML is not coming from untrusted source (it is merely a configuration file) then it is a false positive. Just ignore it. The quality of NVD database is very low and contains tons of issues which appear to be false positives.
+-2. Migrate to [SnakeYAML Engine](https://bitbucket.org/asomov/snakeyaml-engine/src/default/). It has a configuration option to restrict aliases for collections (the aliases for scalars cannot grow and they are not restricted)
+-3. Check how it is done in SnakeYAML Engine and build your own SnakeYAML version with the same change.
+-4. Read the YAML and check its quality before giving the document to SnakeYAML (count `*` and `&` for instance)
++1. Update to SnakeYAML 1.26. It has a configuration option to restrict aliases for collections (the aliases for scalars cannot grow and they are not restricted)
++2. If the YAML is not coming from untrusted source (it is merely a configuration file) then it is a false positive. Just ignore it. The quality of NVD database is very low and contains tons of issues which appear to be false positives.
++3. Read the YAML and check its quality before giving the document to SnakeYAML (count `*` and `&` for instance)
+ 
+-Enjoy.
+\ No newline at end of file
++Enjoy.