Is there a way to prevent Markdown nesting abuse?

I'm using the PHP Markdown script available here: http://michelf.com/projects/php-markdown/

I noticed today that if someone posts a message containing text like:

>>>>>>>>>>>>>>>>>> Hello World <<<<<<<<<<<<<<<<<<<<

...Xdebug will produce a fatal error due to in excess of 100 nested function calls. I then realized that pretty much any markdown syntax can be abused in this way - in many cases inadvertently.

I fixed the problem by replacing instances of >>>> with >\>\>\>, but that doesn't seem like an adequate solution at all.

Has anyone come across this? Is there a better PHP script for formatting Markdown?


With Markdown the normal route is to make sure you have good HTML sanitization applied afterward, and then add hacks as necessary. For the >>>>> a simple hack would be:

// Escape every ">" in a run of five or more so Markdown no longer
// treats them as nested blockquote markers. The result must be
// assigned back, since preg_replace_callback returns a new string.
$input = preg_replace_callback("|>{5,}|", function ($match) {
    return preg_replace('|.|', '\>', $match[0]);
}, $input);

This adds a backslash to escape sequences of > that are five or more characters long.

Thankfully there are efforts to write more solid Markdown parsers. One such effort is Sundown, based on Upskirt, which is in C but has a PHP extension: https://github.com/chobie/php-sundown
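A more targeted version of the same pre-filter, added here as an example and not code from the original post or from PHP Markdown: it only looks at blockquote markers at the start of a line, keeps the first few levels as real nesting, and escapes only the excess, so ordinary quoting still works while the parser's recursion depth is bounded. The function name and the default depth of 4 are my choices.

```php
<?php
// Added example: cap blockquote nesting depth before the text reaches
// the Markdown parser, so long ">>>>" runs cannot drive its recursion
// past the interpreter's function nesting limit.
function limitBlockquoteDepth(string $markdown, int $maxDepth = 4): string
{
    // Split on any line ending; output is re-joined with "\n".
    $lines = preg_split('/\R/', $markdown);
    foreach ($lines as &$line) {
        // Leading markers: up to 3 spaces, ">" and an optional space, repeated.
        if (!preg_match('/^((?:[ ]{0,3}>[ ]?)+)/', $line, $m)) {
            continue;
        }
        $prefix = $m[1];
        if (substr_count($prefix, '>') <= $maxDepth) {
            continue;
        }
        // Keep the first $maxDepth markers as real nesting; escape the rest
        // as "\>" so Markdown renders them as literal characters.
        $kept = 0;
        $out = '';
        for ($i = 0, $n = strlen($prefix); $i < $n; $i++) {
            if ($prefix[$i] === '>' && ++$kept > $maxDepth) {
                $out .= '\\>';
            } else {
                $out .= $prefix[$i];
            }
        }
        $line = $out . substr($line, strlen($prefix));
    }
    unset($line);
    return implode("\n", $lines);
}

// Constructed sample input mirroring the abusive line from the question.
$input = str_repeat('>', 18) . ' Hello World ' . str_repeat('<', 20);
echo limitBlockquoteDepth($input), PHP_EOL;
// Four real blockquote levels survive; the other fourteen ">" are escaped.
```

Run the filter on untrusted input before calling the Markdown parser, and keep the HTML sanitization step afterwards as the answer recommends.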
