-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | ext/standard/string.c | 5 | ||||
-rw-r--r-- | ext/standard/tests/strings/bug70720.phpt | 12 |
3 files changed, 19 insertions, 1 deletions
@@ -17,6 +17,9 @@ PHP NEWS - Session: . Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo) +- Standard: + . Fixed bug #70720 (strip_tags improper php code parsing). (Julien) + 17 Dec 2015, PHP 5.6.17 - Core: diff --git a/ext/standard/string.c b/ext/standard/string.c index 8a960a8ed4..a99faf2665 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -4689,6 +4689,9 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow, switch (state) { case 1: /* HTML/XML */ lc = '>'; + if (*(p -1) == '-') { + break; + } in_q = state = 0; if (allow) { if (tp - tbuf >= PHP_TAG_BUF_SIZE) { @@ -4818,7 +4821,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow, * state == 2 (PHP). Switch back to HTML. */ - if (state == 2 && p > buf+2 && strncasecmp(p-2, "xm", 2) == 0) { + if (state == 2 && p > buf+2 && strncasecmp(p-4, "<?xm", 4) == 0) { state = 1; break; } diff --git a/ext/standard/tests/strings/bug70720.phpt b/ext/standard/tests/strings/bug70720.phpt new file mode 100644 index 0000000000..edf60080ac --- /dev/null +++ b/ext/standard/tests/strings/bug70720.phpt @@ -0,0 +1,12 @@ +--TEST-- +Bug #70720 (strip_tags() doesnt handle "xml" correctly) +--FILE-- +<?php +var_dump(strip_tags('<?php $dom->test(); ?> this is a test')); +var_dump(strip_tags('<?php $xml->test(); ?> this is a test')); +var_dump(strip_tags('<?xml $xml->test(); ?> this is a test')); +?> +--EXPECTF-- +string(15) " this is a test" +string(15) " this is a test" +string(15) " this is a test"
\ No newline at end of file |
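Review bot: The new early `break` in `case 1: /* HTML/XML */` is unconditional, so it applies to every tag in state 1 and not only to the `<?xml ... ?>` blocks this bug is about. Any `>` that directly follows a `-` no longer closes the tag, and the text after it keeps being treated as tag content. Consider limiting the check to tags entered through the `<?xm` switch-back in the later hunk, using a new local flag set there (called `is_xml` here for illustration): `if (is_xml && *(p - 1) == '-') {`. The read of `*(p -1)` also has no `p > buf` guard; because state is passed in through `stateptr`, it looks possible to arrive here with `p` on the first byte of the buffer, which should be confirmed against the callers. The body of php_strip_tags_ex starts and ends outside this hunk.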
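Review bot: The bounds guard in the second string.c hunk was not updated with the comparison. `p > buf+2` still admits `p == buf+3`, while `strncasecmp(p-4, "<?xm", 4)` now starts four bytes back, so the compare can begin one byte before `buf`. Assuming `buf` is the start of the scanned buffer, as the existing guard implies, the condition should require four preceding bytes: `if (state == 2 && p >= buf+4 && strncasecmp(p-4, "<?xm", 4) == 0) {`. A regression test with a very short input that reaches state 2, run under a memory checker, would confirm the fix. The enclosing case label and the rest of the function are outside the hunk.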
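Review bot: The new test covers only the `<?php` and `<?xml` inputs from the report, and none of the ordinary HTML that the string.c change also affects. Adding a case with a plain tag whose `>` directly follows a `-`, and one with a very short `<?`-prefixed string, would pin the behaviour of both new conditions; the expected output for those needs to be confirmed by running them. Since the expectations contain no format placeholders, `--EXPECT--` is sufficient in place of `--EXPECTF--`. The title should read `doesn't`.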