Fixed bug #21744(21741)

Added test case for the bug

diff --git a/ext/standard/string.c b/ext/standard/string.c
index b6fe0f03aeb6d5bb51411fff19fa1ed96792adfb..25206d93a555758072a545da91b69cb5eafedc9a 100644 (file)
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -3630,8 +3630,16 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int *stateptr, char *allow, int
                                        state = 3;
                                        lc = c;
                                } else {
-                                       *(rp++) = c;
-                               }       
+                                       if (state == 0) {
+                                               *(rp++) = c;
+                                       } else if (allow && state == 1) {
+                                               *(tp++) = c;
+                                               if ( (tp-tbuf) >= PHP_TAG_BUF_SIZE ) {
+                                                       /* prevent buffer overflows */
+                                                       tp = tbuf;
+                                               }
+                                       }
+                               }
                                break;
 
                        case '?':

diff --git a/ext/standard/tests/strings/bug21744.phpt b/ext/standard/tests/strings/bug21744.phpt
new file mode 100644 (file)
index 0000000..925dac3
--- /dev/null
+++ b/ext/standard/tests/strings/bug21744.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #21744 (strip_tags misses exclamation marks in alt text)
+--FILE--
+<?php
+$test = <<< HERE
+<a href="test?test\\!!!test">test</a>
+<!-- test -->
+HERE;
+
+print strip_tags($test, '');
+print strip_tags($test, '<a>');
+?>
+--EXPECT--
+test
+<a href="test?test\!!!test">test</a>