iliaa                                    Tue, 22 Dec 2009 02:04:12 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=292465

Log:
Fixed bug #45599 (strip_tags() truncates rest of string with invalid attribute).

Bug: http://bugs.php.net/45599 (Open) [PATCH] strip_tags() truncates rest of 
string with invalid attribute 
      
Changed paths:
    U   php/php-src/branches/PHP_5_2/NEWS
    U   php/php-src/branches/PHP_5_2/ext/standard/string.c
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/ext/standard/string.c
    U   php/php-src/trunk/ext/standard/string.c

Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS   2009-12-22 00:23:12 UTC (rev 292464)
+++ php/php-src/branches/PHP_5_2/NEWS   2009-12-22 02:04:12 UTC (rev 292465)
@@ -9,8 +9,9 @@
   (Jani)
 - Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
 - Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
+- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
+  attribute). (Ilia, hradtke)

-
 17 Dec 2009, PHP 5.2.12
 - Updated timezone database to version 2009.19 (2009s). (Derick)


Modified: php/php-src/branches/PHP_5_2/ext/standard/string.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/standard/string.c  2009-12-22 00:23:12 UTC 
(rev 292464)
+++ php/php-src/branches/PHP_5_2/ext/standard/string.c  2009-12-22 02:04:12 UTC 
(rev 292465)
@@ -4470,7 +4470,7 @@
                                        tp = ((tp-tbuf) >= PHP_TAG_BUF_SIZE ? 
tbuf: tp);
                                        *(tp++) = c;
                                }
-                               if (state && p != buf && *(p-1) != '\\' && 
(!in_q || *p == in_q)) {
+                               if (state && p != buf && (state == 1 || *(p-1) 
!= '\\') && (!in_q || *p == in_q)) {
                                        if (in_q) {
                                                in_q = 0;
                                        } else {

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2009-12-22 00:23:12 UTC (rev 292464)
+++ php/php-src/branches/PHP_5_3/NEWS   2009-12-22 02:04:12 UTC (rev 292465)
@@ -134,6 +134,8 @@
 - Fixed bug #49174 (crash when extending PDOStatement and trying to set
   queryString property). (Felipe)
 - Fixed bug #47848 (importNode doesn't preserve attribute namespaces). (Rob)
+- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
+  attribute). (Ilia, hradtke)
 - Fixed bug #45120 (PDOStatement->execute() returns true then false for same
   statement). (Pierrick)
 - Fixed bug #34852 (Failure in odbc_exec() using oracle-supplied odbc

Modified: php/php-src/branches/PHP_5_3/ext/standard/string.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/standard/string.c  2009-12-22 00:23:12 UTC 
(rev 292464)
+++ php/php-src/branches/PHP_5_3/ext/standard/string.c  2009-12-22 02:04:12 UTC 
(rev 292465)
@@ -4381,7 +4381,7 @@
                                        tp = ((tp-tbuf) >= PHP_TAG_BUF_SIZE ? 
tbuf: tp);
                                        *(tp++) = c;
                                }
-                               if (state && p != buf && *(p-1) != '\\' && 
(!in_q || *p == in_q)) {
+                               if (state && p != buf && (state == 1 || *(p-1) 
!= '\\') && (!in_q || *p == in_q)) {
                                        if (in_q) {
                                                in_q = 0;
                                        } else {

Modified: php/php-src/trunk/ext/standard/string.c
===================================================================
--- php/php-src/trunk/ext/standard/string.c     2009-12-22 00:23:12 UTC (rev 
292464)
+++ php/php-src/trunk/ext/standard/string.c     2009-12-22 02:04:12 UTC (rev 
292465)
@@ -6406,7 +6406,7 @@
                                tp = ((tp-tbuf) >= UBYTES(PHP_TAG_BUF_SIZE) ? 
tbuf: tp);
                                *(tp++) = ch;
                        }
-                       if (state && prev1 != 0x5C /*'\\'*/ && (!in_q || ch == 
in_q)) {
+                       if (state && (state ==1 || prev1 != 0x5C /*'\\'*/) && 
(!in_q || ch == in_q)) {
                                if (in_q) {
                                        in_q = 0;
                                } else {
@@ -6650,7 +6650,7 @@
                                        tp = ((tp-tbuf) >= PHP_TAG_BUF_SIZE ? 
tbuf: tp);
                                        *(tp++) = c;
                                }
-                               if (state && p != buf && *(p-1) != '\\' && 
(!in_q || *p == in_q)) {
+                               if (state && p != buf && (state == 1 || *(p-1) 
!= '\\') && (!in_q || *p == in_q)) {
                                        if (in_q) {
                                                in_q = 0;
                                        } else {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to