Merge branch 'PHP-7.4'

* PHP-7.4: Fix #78814: strip_tags allows / in tag name => whitelist bypass
2026-04-05 15:12:39 +02:00 · 2019-12-02 11:39:58 +01:00
parent b07c76059d 3356dd0575
commit 8a5601a364
2 changed files with 9 additions and 1 deletions
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -4893,7 +4893,7 @@ int php_tag_find(char *tag, size_t len, const char *set) {
 					if (state == 0) {
 						state=1;
 					}
-					if (c != '/') {
+					if (c != '/' || (*(t-1) != '<' && *(t+1) != '>')) {
 						*(n++) = c;
 					}
 				} else {
--- a/ext/standard/tests/strings/bug78814.phpt
+++ b/ext/standard/tests/strings/bug78814.phpt
@@ -0,0 +1,8 @@
+--TEST--
+Bug #78814 (strip_tags allows / in tag name => whitelist bypass)
+--FILE--
+<?php
+echo strip_tags("<s/trong>b</strong>", "<strong>");
+?>
+--EXPECT--
+b</strong>