PHP :: Bug #49697 :: preg_replace crashes my system.

Bug #49697	preg_replace crashes my system.
Submitted:	2009-09-28 05:26 UTC	Modified:	2010-06-22 00:26 UTC
From:	donquixote dot phplist at googlemail dot com	Assigned:
Status:	Not a bug	Package:	PCRE related
PHP Version:	5.2.11	OS:	Windows XP
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	donquixote dot phplist at googlemail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2009-09-28 05:26 UTC] donquixote dot phplist at googlemail dot com

Description:
------------
I found a regex / text combination that causes my apache to crash / restart with preg_replace. The example is a reduced version of Drupal's CSS compression regex.

The regex is not overly complex, and the text is not overly long.

Reproducing this depends on system configuration: On my webspace it does not crash.
But, on my localhost it always crashes with this regex / text combination. Removing a few letters in the text (no matter which) makes the bug not happen.

More info in the linked file.

So:
It seems that preg_replace is not the most robust piece of code. No matter what you feed it, it should never ever crash!

And, btw:
I was going to report this as a comment on http://bugs.php.net/bug.php?id=46551, but the comment form results in an error page.
("Authentication failed: Incorrect username 
Warning: Cannot modify header information - headers already sent by (output started at /home/Web/sites/php-bugs-web/include/auth.inc:30) in /home/Web/sites/php-bugs-web/bug.php on line 232")

Reproduce code:
---------------
standalone script at
http://drupal.org/files/issues/test.php__1.txt

posted here
http://drupal.org/node/444228#comment-2089300

Expected result:
----------------
preg_replace should do its job (compressing the CSS).
Or show a meaningful error message, if there is a valid reason why this is not possible.

Actual result:
--------------
Apache crash / restart, with no useful error message in error.log, except the usual restart messages.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-09-28 06:57 UTC] jani@php.net

From php.ini-dist:

[Pcre]
;PCRE library backtracking limit.
;pcre.backtrack_limit=100000

;PCRE library recursion limit. 
;Please note that if you set this value to a high number you may consume all 
;the available process stack and eventually crash PHP (due to reaching the 
;stack size limit imposed by the Operating System).
;pcre.recursion_limit=100000

So you should tune these to be such that it won't crash anymore.

[2009-10-06 01:00 UTC] php-bugs at lists dot php dot net

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".

[2010-04-25 20:53 UTC] felipe@php.net

Not a PHP bug.

[2010-06-22 00:26 UTC] felipe@php.net

-Status: No Feedback +Status: Bogus

[2010-06-22 00:26 UTC] felipe@php.net

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 14:01:32 2024 UTC