php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #40706 preg_match crash
Submitted: 2007-03-03 15:12 UTC Modified: 2007-03-05 09:58 UTC
From: askold2 at velo dot nsk dot ru Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 4.4.6 OS: any
Private report: No CVE-ID: None
 [2007-03-03 15:12 UTC] askold2 at velo dot nsk dot ru
Description:
------------
the regular expression like ((any text)*(other text)*)* produce the hang or crash of PHP program. In the previous versions of php all worked properly.

Reproduce code:
---------------
$subj="sdfgsdg";
if(preg_match('/^((a)*(b)*)*$/',$subj))
  echo "match";
else
  echo "not match";


Expected result:
----------------
"match" or "not match" printing


Actual result:
--------------
nothing. the hung of script on my unux hosting and breaking program in windows

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-03-04 13:47 UTC] bmihelac at mihelac dot org
I have similiar problem both on linux and windows. On windows it crashes PHP without any error notices. I am not sure if it crash PHP on linux/unix.

Seems that regex with nested parenthesizes are especially vunerable, for example:
$pattern = '/"([^"\\\\]*(?:(?:\\\\.)*[^"\\\\]*)*)"/';
 [2007-03-05 09:58 UTC] tony2001@php.net
We can't fix PCRE stack overflow (it's not PHP problem anyway), but we have a workaround for it in PHP5.
Please consider upgrading.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 23 16:01:27 2024 UTC