|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2008-06-10 13:05 UTC] felipe@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Jul 13 09:01:32 2025 UTC |
Description: ------------ I can reproduce a segfault in a preg_match call with a particular regular expression and target text (which is a large html file). The offending regEx and a very similar one which does not segfault are included in the script I've attached. Reproduce code: --------------- <?php $text = file_get_contents($argv[1]); //$text = "A test string....sdflsmdfs;ldfkgns;dklfjgnsdlkfjgns;df'adslfm,qr;ijgaldsfknvsdl,fbnwle;frnsdlkfjnsldkfjnvsdlkfjnbsldkfjnsldkfjgnsldkfjgnslkdfjgnsdffls dflkgdf;lkgwndf;lkgnsdfkjngsfmn,sdfgsbndflkgjsbdflgkjsdbfglkjsdnfglksjdfnglksdjfnglsdkfjg"; $exp1 = "/(<[^>^<]{1,20}>){0,1}(\s|<[^<^>]+>| )+L(<[^>^<]{1,20}>){0,1}imitation(\s|<[^<^>]+>| )+/"; $exp2 = "/(<[^>^<]{1,20}>){0,1}(\s|<[^<^>]+>| )+L(<[^>^<]{1,20}>){0,1}imitation(\s|<[^<^>]+>| )+o/"; preg_match($exp1, $text); echo "Passed Expression 1\n"; preg_match($exp2, $text); echo "Passed Expression 2\n"; ?> Expected result: ---------------- The file may or may not match the regEx, out of memory maybe, but certainly it shouldn't segfault. Actual result: -------------- The reg ex string in $exp1 runs ok. The expression in $exp2 is only one character longer and produces a segfault when run on the file publicly available here: http://dev.xtractresearch.com/SD11212006CA.htm A segfault does not happen when instead of this file a shorter string of text is used (commented out in the script code). Length of the file should not be an issue since the first regEx completes ok.