-rw-r--r--ext/standard/string.c12
-rw-r--r--ext/standard/tests/strings/bug21744.phpt15
2 files changed, 25 insertions, 2 deletions
diff --git a/ext/standard/string.c b/ext/standard/string.c
index b6fe0f03ae..25206d93a5 100644
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -3630,8 +3630,16 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int *stateptr, char *allow, int
state = 3;
lc = c;
} else {
- *(rp++) = c;
- }
+ if (state == 0) {
+ *(rp++) = c;
+ } else if (allow && state == 1) {
+ *(tp++) = c;
+ if ( (tp-tbuf) >= PHP_TAG_BUF_SIZE ) {
+ /* prevent buffer overflows */
+ tp = tbuf;
+ }
+ }
+ }
break;
case '?':
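Review bot: The overflow guard in the new `state == 1` branch resets `tp = tbuf` without recording that the tag was truncated, so whatever later compares `tbuf` against `allow` sees only the bytes written after the last reset, not the start of the tag. That comparison is outside this hunk, so it should be confirmed there whether a tag longer than `PHP_TAG_BUF_SIZE` can end up matching an allowed name. At minimum the comment should state the consequence, e.g. `/* tag exceeds PHP_TAG_BUF_SIZE: restart tbuf, the allow check will only see the tail */`. In the remaining cases (any other state, or `state == 1` with no `allow`) the character is now dropped silently, which looks intended but deserves a one-line comment on the outer `else`. `php_strip_tags` starts and ends outside the hunk.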
diff --git a/ext/standard/tests/strings/bug21744.phpt b/ext/standard/tests/strings/bug21744.phpt
new file mode 100644
index 0000000000..925dac3fa0
--- /dev/null
+++ b/ext/standard/tests/strings/bug21744.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #21744 (strip_tags misses exclamation marks in alt text)
+--FILE--
+<?php
+$test = <<< HERE
+<a href="test?test\\!!!test">test</a>
+<!-- test -->
+HERE;
+
+print strip_tags($test, '');
+print strip_tags($test, '<a>');
+?>
+--EXPECT--
+test
+<a href="test?test\!!!test">test</a>
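Review bot: The test only feeds tags far shorter than the tag buffer, so the bounds reset added to `php_strip_tags` in this commit is never executed. A third case would pin the behaviour for oversized tags: an `<a ...>` whose attribute text contains `!` and is longer than `PHP_TAG_BUF_SIZE`, run with `'<a>'` as the allow list. Its expected output should be chosen deliberately, because it documents whether an over-long tag is kept or stripped.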