mirror of https://github.com/django/django.git synced 2025-10-26 07:06:08 +00:00

Fixed an infinite loop possibility in strip_tags().

This is a security fix; disclosure to follow shortly.
This commit is contained in:
Tim Graham
2015-03-04 08:11:25 -05:00
parent 9ddfe9b301
commit 1c83fc88d6
4 changed files with 41 additions and 2 deletions


@@ -175,8 +175,10 @@ def strip_tags(value):
# is redundant, but helps to reduce number of executions of _strip_once.
while '<' in value and '>' in value:
new_value = _strip_once(value)
if new_value == value:
# _strip_once was not able to detect more tags
if len(new_value) >= len(value):
# _strip_once was not able to detect more tags or length increased
# due to http://bugs.python.org/issue20288
# (affects Python 2 < 2.7.7 and Python 3 < 3.3.5)
break
value = new_value
return value
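Review bot: the replacement guard `if len(new_value) >= len(value):` makes termination depend on an invariant the hunk leaves implicit, namely that every iteration which continues strictly shortens `value`; since the adjacent comment only cites http://bugs.python.org/issue20288 as the reason a pass can grow the string, it would help to state the invariant in the comment itself (each pass must shrink the value or the loop stops, bounding iterations by the input length) so a future reader does not reintroduce the old `new_value == value` equality test, which cannot bound a sequence that alternates between lengths. Note also that when the guard fires on a length increase the function falls through `break` to `return value`, i.e. the pre-pass string rather than `new_value`, so any `<` or `>` that `_strip_once` could not remove is returned as-is; that is the safe choice for the loop but deserves a regression test with an input that previously cycled, so the fix is checked independently of the interpreter version mentioned in the comment.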