Challenge: Why isn’t select broken?
Here is a crash report that I got.
System.ArgumentException: Destination array was not long enough. Check destIndex and length, and the array's lower bounds.
at System.Array.Copy(Array sourceArray, Int32 sourceIndex, Array destinationArray, Int32 destinationIndex, Int32 length, Boolean reliable)
at System.Collections.Generic.List`1.CopyTo(T[] array, Int32 arrayIndex)
at System.Collections.ObjectModel.Collection`1.CopyTo(T[] array, Int32 index)
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
Now, it is tempting to blame Microsoft for this, but it is actually my fault.
Care to guess why?
Comments
Infinite IEnumerable?
The source is changing during evaluation.
Threading issue as the IEnumerable was having elements added to it whilst the ToArray was called?
It's taking the code path where the IEnumerable is really a ICollection, and using it's Count property to size the buffer. This property was possibly lying.
+1 on Rob Jan's reason
Indeed, as the others above have suggested, I would guess its a threading issue. This one was pretty easy to reproduce:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
var ints = new List<int>();
var thread = new Thread(delegate() { while (true) ints.Add(0); }); // writer keeps growing the list with no synchronization
thread.Start();
while (true) Console.WriteLine(ints.ToArray().Length); // ToArray reads Count, allocates, then CopyTo copies the now-larger list
Argh, I always forget to html encode my generics when posting blog comments.... :(
Rob,
Well, that was fast.
@Paul,
I'm quite surprised is not being HTML encoded by the blog engine. What about tags such as and ?
@Um,
I'm not at all surprised that the blog engine takes the approach of stripping everything that is enclosed by < and > rather than trying to figure out what is safe and encoding the rest. In the long run, stripping is safer.
Threading issue came to mind first, and looks like the case here. I could also see this happening if you had some custom Collection<T> implementation that didn't return the correct Count. Looking at S.L.Buffer, it looks like it reuses ICollection.Count if you're passing a collection, otherwise, it loops over the IEnumerable and counts manually.
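The two explanations above (a Count that lies, and a Count that is stale by the time CopyTo runs) are the same failure seen from two sides. The following is an added example, not code from the post or from any of the commenters. It first reproduces the exception deterministically with a hand-written ICollection<int> whose Count under-reports (the class name LyingCollection and its contents are made up for this illustration), then shows the threaded case from Paul's comment hardened so that Add and the ToArray snapshot run under one lock (the lock object gate is also an assumption of this example).

```csharp
using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Threading;

// Added example (not from the original post or its comments).
// Part 1: a deterministic reproduction with no threads at all. ToArray sizes its
// buffer from ICollection<T>.Count and then trusts CopyTo to stay inside it; a
// Count that under-reports is enough to hit the same ArgumentException.
sealed class LyingCollection : ICollection<int>
{
    private readonly List<int> _inner = new List<int> { 1, 2, 3 };   // constructed sample data
    public int Count => _inner.Count - 1;                              // lies: reports 2 for 3 items
    public bool IsReadOnly => true;
    public void CopyTo(int[] array, int index) => _inner.CopyTo(array, index); // writes 3 items into a 2-slot array
    public IEnumerator<int> GetEnumerator() => _inner.GetEnumerator();
    IEnumerator IEnumerable.GetEnumerator() => GetEnumerator();
    public bool Contains(int item) => _inner.Contains(item);
    public void Add(int item) => throw new NotSupportedException();
    public void Clear() => throw new NotSupportedException();
    public bool Remove(int item) => throw new NotSupportedException();
}

static class Program
{
    static void Main()
    {
        // Part 1: the lying Count. Expect "Destination array was not long enough".
        try { new LyingCollection().ToArray(); }
        catch (ArgumentException e) { Console.WriteLine("Lying Count: " + e.Message); }

        // Part 2: the race from the comments, hardened. Every Add and every
        // snapshot take the same lock, so the Count that ToArray reads and the
        // _size that List<T>.CopyTo uses are guaranteed to agree.
        var ints = new List<int>();
        var gate = new object();
        var stop = false;
        var writer = new Thread(() =>
        {
            while (!Volatile.Read(ref stop))
                lock (gate) ints.Add(0);
        });
        writer.Start();
        for (int i = 0; i < 1000; i++)
        {
            int[] snapshot;
            lock (gate) snapshot = ints.ToArray();   // snapshot taken under the writer's lock
            if (snapshot.Length > 0 && snapshot[0] != 0)
                throw new InvalidOperationException("unexpected element");
        }
        Volatile.Write(ref stop, true);
        writer.Join();
        Console.WriteLine("Locked snapshots: 1000 ToArray calls, no exception");
    }
}
```

The lock is the minimal fix for a shared List<T>; if the reader only needs a consistent view, a collection that hands out immutable snapshots (or copying under the lock, as above, and then reading the copy without it) avoids holding the lock for the whole scan.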
@dave-ilsw: how is stripping safer than Html-encoding the whole comment?? It certainly is a lot more inconvenient.
Um, Rob, test
Removed your comments
I am aware of the issue, and it will be fixed shortly.
There is no data disclosure possible here, so I don't rate it critical
But a simple XSS attack is possible, which puts your visitors at risk. I can't imagine that the default configuration of Subtext doesn't encode comments?!
Um,
As I said, I contacted the SubText team and they are working on that.
What information do you think XSS can steal from visitors to this blog?
Ayende,
I don't know, probably nothing. However, there are other risks with XSS. The worst involve exploiting browser vulnerabilities to install trojans or hijackers ( http://www.owasp.org/index.php/XSS).