Issues

ZF-8894: StripTags PREG_BACKTRACK_LIMIT_ERROR when stripping html comments

Description

The new implementation of Zend_Filter_StripTags fails on the next code


<?php
require_once 'Zend/Filter.php';
require_once 'Zend/Filter/StripTags.php';

$html = '

TEXT

'; $chain = new Zend_Filter ( ); $chain->addFilter ( new Zend_Filter_StripTags()); $html = $chain->filter ( $html );

The expected result is TEXT but an empty string is returned.

The error generates on this line of the Zend_Filter_StripTags implementation:


public function filter($value)
    {
        // Strip HTML comments first
        $valueCopy = preg_replace('#

Comments

Can you please test against trunk and/or the release-1.10 branch? some minor changes were made to that regexp that might affect your scenario.

I tried with this versions http://framework.zend.com/svn/framework/… http://framework.zend.com/svn/framework/…

Both have the same regular expression, and it still doesn't work.

I can't reproduce the issue -- it runs without error for me, and correctly strips all tags and comments.

What OS and PHP version (and 32 or 64 bit) are you using? I've tested on 5.2.10 and 5.3.1, both on linux 32bit.

I've tested in PHP Version 5.2.10-2ubuntu6.4 (64 bits)

@Emmanuel: Can you please also give the exact revision number you have tested against? (r20500 or above?)

I've had a colleague test under 64bit linux, with no issues. My inclination is that you are either (a) not providing the full HTML snippet that fails, or (b) the PCRE lib your PHP install was compiled against is really old (not unlikely, if you're really on ubuntu 6.4).

I dont know where to find the revision number.

If i rise the pcre.backtrack_limit to a huge number (like 10000000) the script works

The version of php is the one that is downloaded from the repository in the last version of ubuntu (9.10). However the version is "PHP Version 5.2.10-2ubuntu6.4"

The version of PCRE is 7.8 2008-09-05

I have tested this on 3 machines:

AMD Turion X2 64 - Ubuntu 9.10 AMD Phenom X3 64 - Ubuntu 9.10 AMD Duron - Debian (i didn't write down the version)

All the versions of PHP are from the repository, i didn't compile them

You can find the revision directly from SVN when you're on trunk.

Or go to the file Zend_Filter_StripTags and simply look at the header. This is the revision number which is in interest for us.

Note: This issue was fixed some days ago for 1.10, and yesterday for trunk. Try the new 1.10RC to see if you still have this issue. When it persists in the new revision I would ask to reopen this issue.

Note2: As the new version does no longer unicode transisions the amount of backtracks should now be very low.

Note3: The line you gave as result of the error shows me that you have used an outdated version which must be at last one or two weeks old.

On release 1.10 this line has been changed on 15.01. and on trunk with 21.01. as we had to test it more deeply.

I downloaded revision 20514 from http://framework.zend.com/svn/framework/…

And it doesnt work. I made a simpler test case of the part with the problem


$html = preg_replace('#

Seems to me like an PHP internal bug.

In my eyes there is no way for ZF to prevent running into preg_replace problems when they are dependend on the given input.