scottmac                Tue Jul 15 14:58:59 2008 UTC

  Added files:                 (Branch: PHP_5_2)
    /php-src/ext/standard/tests/strings strip_tags_variation11.phpt 

  Modified files:              
    /php-src    NEWS 
    /php-src/ext/standard       string.c 
  Log:
  MFH: Fix bug when < is used within attribute.
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1174&r2=1.2027.2.547.2.1175&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1174 php-src/NEWS:1.2027.2.547.2.1175
--- php-src/NEWS:1.2027.2.547.2.1174    Tue Jul 15 13:38:29 2008
+++ php-src/NEWS        Tue Jul 15 14:58:58 2008
@@ -9,6 +9,7 @@
 - Fixed a crash inside PDO when trying instantiate PDORow manually. (Felipe)
 - Fixed build failure of ext/mysqli with libmysql 6.0 - missing rpl
   functions. (Andrey)
+- Fixed a regression when using strip_tags() and < is within an attribute. 
(Scott)
 
 - Fixed bug #45486 (mb_send_mail(); header 'Content-Type: text/plain; 
charset=' 
   parsing incorrect). (Felipe)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.75&r2=1.445.2.14.2.76&diff_format=u
Index: php-src/ext/standard/string.c
diff -u php-src/ext/standard/string.c:1.445.2.14.2.75 
php-src/ext/standard/string.c:1.445.2.14.2.76
--- php-src/ext/standard/string.c:1.445.2.14.2.75       Fri Jul 11 12:16:05 2008
+++ php-src/ext/standard/string.c       Tue Jul 15 14:58:58 2008
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: string.c,v 1.445.2.14.2.75 2008/07/11 12:16:05 felipe Exp $ */
+/* $Id: string.c,v 1.445.2.14.2.76 2008/07/15 14:58:58 scottmac Exp $ */
 
 /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */
 
@@ -4355,6 +4355,9 @@
                        case '\0':
                                break;
                        case '<':
+                               if (in_q) {
+                                       break;
+                               }
                                if (isspace(*(p + 1)) && !allow_tag_spaces) {
                                        goto reg_char;
                                }
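Review bot: The early exit added under `case '<':` has no comment saying why a `<` is dropped while `in_q` is set, and it relies on `in_q` only ever being non-zero inside a tag, which this hunk does not show. I would add `/* '<' inside a quoted attribute value is data, not a nested tag */` above the check. Because the branch uses `break` rather than `goto reg_char`, the character is presumably not copied anywhere, so it is worth confirming what a tag such as the test's `<img title="<">` looks like when it is kept via the allowable-tags argument, and that a quote left unterminated inside a tag cannot leave `in_q` set for the rest of the input. The enclosing function starts and ends outside the hunk.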

http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/strings/strip_tags_variation11.phpt?view=markup&rev=1.1
Index: php-src/ext/standard/tests/strings/strip_tags_variation11.phpt
+++ php-src/ext/standard/tests/strings/strip_tags_variation11.phpt
--TEST--
Test strip_tags() function : obscure values within attributes
--INI--
short_open_tag = on
--FILE--
<?php

echo "*** Testing strip_tags() : obscure functionality ***\n";

// array of arguments
$string_array = array (
  'hello <img title="<"> world',
  'hello <img title=">"> world',
  'hello <img title=">_<"> world',
  "hello <img title='>_<'> world"
);


// Calling strip_tags() with default arguments
// loop through the $string_array to test strip_tags on various inputs
$iteration = 1;
foreach($string_array as $string)
{
  echo "-- Iteration $iteration --\n";
  var_dump( strip_tags($string) );
  $iteration++;
}

echo "Done";
?>
--EXPECTF--
*** Testing strip_tags() : obscure functionality ***
-- Iteration 1 --
unicode(12) "hello  world"
-- Iteration 2 --
unicode(12) "hello  world"
-- Iteration 3 --
unicode(12) "hello  world"
-- Iteration 4 --
unicode(12) "hello  world"
Done
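Review bot: The expected output uses `unicode(12) "hello  world"`, but this file is being added on the PHP_5_2 branch, where var_dump() reports a string as `string(12)`; as written the four iterations would not match there. Use `string(12) "hello  world"` on this branch, or `%s(12) "hello  world"` since the section is already --EXPECTF--. The cases cover only balanced quotes with default arguments; a case that passes an allowable-tags argument would pin down what the string.c change does to a tag that is kept. The `short_open_tag = on` setting looks unnecessary because the script opens with `<?php`.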


