From: Ilia Alshanetsky <iliaa@php.net>
Date: Mon, 6 Jan 2003 22:13:03 +0000 (+0000)
Subject: Fixed bug #21453 (improper handling of non-terminated <).
X-Git-Tag: PHP_5_0_dev_before_13561_fix~418
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=97dd1e8abf3d568ec228a7695312ff8deabfef6a;p=php

Fixed bug #21453 (improper handling of non-terminated <).
---

diff --git a/ext/standard/string.c b/ext/standard/string.c
index ba361ff509..8490abf621 100644
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -3413,6 +3413,9 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int *stateptr, char *allow, int
 	while (i < len) {
 		switch (c) {
 			case '<':
+				if (isspace(*(p + 1))) {
+					goto reg_char;
+				}
 				if (state == 0) {
 					lc = '<';
 					state = 1;
@@ -3552,6 +3555,7 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int *stateptr, char *allow, int
 
 				/* fall-through */
 			default:
+reg_char:
 				if (state == 0) {
 					*(rp++) = c;
 				} else if (allow && state == 1) {
diff --git a/ext/standard/tests/strings/bug21453.phpt b/ext/standard/tests/strings/bug21453.phpt
new file mode 100644
index 0000000000..40d89dd1b4
--- /dev/null
+++ b/ext/standard/tests/strings/bug21453.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Bug #21453 (handling of non-encoded <)
+--FILE--
+<?php
+$test = "
+<table>
+	<tr><td>first cell before < first cell after</td></tr>
+	<tr><td>second cell before < second cell after</td></tr>
+</table>";
+
+	var_dump(strip_tags($test));
+?>
+--EXPECT--
+string(80) "
+
+	first cell before < first cell after
+	second cell before < second cell after
+"