]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: adcdb4f)
Fix bounds check in strip_tags()
authorNikita Popov <nikic@php.net>
Sat, 13 Feb 2016 16:47:30 +0000 (17:47 +0100)
committerNikita Popov <nikic@php.net>
Sat, 13 Feb 2016 16:47:30 +0000 (17:47 +0100)
ext/standard/string.c patch | blob | history

diff --git a/ext/standard/string.c b/ext/standard/string.c
index bcfc3b61812e014118bb3a5a4e2c2a65d89ac4cb..d5f83e7d0f49e6a3c3ba3036f626da06d721ea68 100644 (file)
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -4822,7 +4822,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow,
                                 * state == 2 (PHP). Switch back to HTML.
                                 */
 
-                               if (state == 2 && p > buf+2 && strncasecmp(p-4, "<?xm", 4) == 0) {
+                               if (state == 2 && p > buf+4 && strncasecmp(p-4, "<?xm", 4) == 0) {
                                        state = 1; is_xml=1;
                                        break;
                                }
Unnamed repository; edit this file 'description' to name the repository.