|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56687 Crash on HTML tags when using FS_STRING
Submitted: 2005-12-01 10:38 UTC Modified: 2005-12-01 11:24 UTC
From: Assigned: derick (profile)
Status: Closed Package: filter (PECL)
PHP Version: Irrelevant OS: Debian sarge
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
New email:
PHP Version: OS:


 [2005-12-01 10:38 UTC]
I think this is a known issue, but I'm placing it here for reference.

Passing a value of only HTML tags to input_get() crashes when using the default FS_STRING sanitizing filter.

Reproduce code:

var_dump(input_get(INPUT_GET, 'foo', FS_STRING));

Expected result:
string(0) ""



Actual result:
From Apache's log:
[Thu Dec 01 15:37:04 2005] [notice] child pid 24775 exit signal Segmentation fault (11)


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-12-01 10:46 UTC]
Here's a patch that corrects this issue:

Index: sanitizing_filters.c
RCS file: /repository/pecl/filter/sanitizing_filters.c,v
retrieving revision 1.5
diff -u -r1.5 sanitizing_filters.c
--- sanitizing_filters.c        15 Nov 2005 11:55:28 -0000      1.5
+++ sanitizing_filters.c        1 Dec 2005 15:45:19 -0000
@@ -178,6 +178,11 @@
        /* strip tags, implicitly also removes \0 chars */
        new_len = php_strip_tags(Z_STRVAL_P(value), Z_STRLEN_P(value), NULL, NUL
L, 0);
        Z_STRLEN_P(value) = new_len;
+       if (new_len == 0) {
+               Z_TYPE_P(value) = IS_NULL;
+               return;
+       }
        if (! (flags & FILTER_FLAG_NO_ENCODE_QUOTES)) {
                /* encode ' and " to numerical entity */
 [2005-12-01 11:24 UTC]
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on

In case this was a website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PECL better.

PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon May 20 08:01:26 2019 UTC