php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #41638 Stack overflow in pcre
Submitted: 2007-06-08 17:57 UTC Modified: 2007-06-10 18:38 UTC
From: hirainchen at gmail dot com Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 5.2.3 OS: ALL
Private report: No CVE-ID: None
 [2007-06-08 17:57 UTC] hirainchen at gmail dot com
Description:
------------
PCRE Library Version => 7.0 18-Dec-2006
this version PCRE seems doesn't work well with PHP.
I met same problem with php5.2.1+PCRE 7.0 in FreeBSD, resolved by downgrading to PCRE 6.7(blog detail: http://translate.google.com/translate?u=http%3A%2F%2Fhi.baidu.com%2Frainchen%2Fblog%2Fitem%2Fb6321038cf289bf3b211c7bf.html&langpair=zh%7Cen&hl=en&newwindow=1&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools)

I had tried to set php.ini as :
[Pcre]
pcre.backtrack_limit=100000
pcre.recursion_limit=100000

but not helping

Reproduce code:
---------------
<?php
$str = "repeater id='loopt' dataSrc=subject colums=2";
preg_match_all("/(['\"])((.*(\\\\\\1)*)*)\\1/sU",$str,$str_instead);

echo "<xmp>";
print_r($str_instead);
?>

Expected result:
----------------
<xmp>Array
(
    [0] => Array
        (
            [0] => 'loopt'
        )

    [1] => Array
        (
            [0] => '
        )

    [2] => Array
        (
            [0] => loopt
        )

    [3] => Array
        (
            [0] => loopt
        )

    [4] => Array
        (
            [0] =>
        )

)

Actual result:
--------------
<xmp>Array
(
    [0] => Array
        (
        )

    [1] => Array
        (
        )

    [2] => Array
        (
        )

    [3] => Array
        (
        )

    [4] => Array
        (
        )

)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-06-08 18:34 UTC] stas@php.net
Looks like stack overflow to me. Happens also on Linux. 
Try setting your limits lower.
 [2007-06-08 18:41 UTC] hirainchen at gmail dot com
had tried to set as 5000,1000,500 but not helpful
 [2007-06-09 21:09 UTC] nlopess@php.net
your regex is wrong.
try e.g. this:
preg_match_all('/([\'"])((.*(\1)*)*)\1/sU',$str,$str_instead);
 [2007-06-10 06:09 UTC] hirainchen at gmail dot com
to nlopess:

the result of your regex is:
<xmp>Array
(
    [0] => Array
        (
            [0] => 'loopt'
        )

    [1] => Array
        (
            [0] => '
        )

    [2] => Array
        (
            [0] => loopt
        )

    [3] => Array
        (
            [0] => t
        )

    [4] => Array
        (
            [0] =>
        )

)

not totally equal the expected result, and my regex is working well with PHP5.2.1+PCRE 6.7. I google this problem,found many people met the same kind issue.
 [2007-06-10 18:38 UTC] nlopess@php.net
Sorry, I misread your original regex, but still this isn't a PHP bug.
The problem here is that pcre is hitting the recursion limit with your regex (while I understand why - nesting of * - I don't think it was supposed to happen).

Please forward your bug report to the PCRE dev team at: pcre-dev@exim.org
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 09:01:26 2024 UTC