Fixed escaping of array/object keys in debug_print_var

Author: wisskid

CHANGELOG.md

@@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+- Fixed escaping of array/object keys in debug_print_var
+
 ## [5.5.1] - 2025-05-19
 - Fix missing support for loading modifiercompilers from plugin dir in BCPluginsAdapter [#1132](https://github.com/smarty-php/smarty/pull/1132)
 

src/Extension/DefaultExtension.php

@@ -320,7 +320,7 @@ public function smarty_modifier_debug_print_var($var, $max = 10, $length = 40, $
 					break;
 				}
 				foreach ($var as $curr_key => $curr_val) {
-					$results .= '<br>' . str_repeat('&nbsp;', $depth * 2) . '<b>' . strtr($curr_key, $_replace) .
+					$results .= '<br>' . str_repeat('&nbsp;', $depth * 2) . '<b>' . htmlspecialchars(strtr($curr_key, $_replace)) .
 						'</b> =&gt; ' .
 						$this->smarty_modifier_debug_print_var($curr_val, $max, $length, ++$depth, $objects);
 					$depth--;
@@ -338,7 +338,7 @@ public function smarty_modifier_debug_print_var($var, $max = 10, $length = 40, $
 				}
 				$objects[] = $var;
 				foreach ($object_vars as $curr_key => $curr_val) {
-					$results .= '<br>' . str_repeat('&nbsp;', $depth * 2) . '<b> -&gt;' . strtr($curr_key, $_replace) .
+					$results .= '<br>' . str_repeat('&nbsp;', $depth * 2) . '<b> -&gt;' . htmlspecialchars(strtr($curr_key, $_replace)) .
 						'</b> = ' . $this->smarty_modifier_debug_print_var($curr_val, $max, $length, ++$depth, $objects);
 					$depth--;
 				}