Bug #1059 sequence of str_replace statements results in a reproducible PHP crash
Submitted: 1999-01-12 10:56 UTC
Modified: 1999-01-12 11:06 UTC
From: abbaer at landsend dot com
Assigned:
Status: Closed
Package: Reproducible Crash
PHP Version: 3.0.6
OS: Windows 95
Private report: No
CVE-ID: None
 [1999-01-12 10:56 UTC] abbaer at landsend dot com
<?
	$baseURL="http://www.landsend.com/";
	if ($url=="") {
		$url=$baseURL.'spawn.cgi@ZEROPAGE&GRAPHIC&NODEPROD0795&0916064873251';
	} else {
		#process our own query string;
		$url=substr($QUERY_STRING,strpos($QUERY_STRING,'=')+1);
	}
	$div=strpos($url,"@");
	$url[$div]="?";
	$xf=fopen($url, "r" );
	$contents = fread( $xf, 100000 );
	fclose( $xf );

	$contents = str_replace("BACKGROUND=\"/","BACKGROUND=\"http://www.landsend.com/",$contents);
	$contents=str_replace( "IMG SRC=\"", "IMG SRC=\"http://www.landsend.com", $contents );
	$contents=str_replace( "img src=\"", "IMG SRC=\"http://www.landsend.com", $contents );
	echo $contents;
?>

Addition of the third str_replace statement causes the crash.

PHP caused an invalid page fault in
module PHP.EXE at 014f:0044087a.
Registers:
EAX=000046a8 CS=014f EIP=0044087a EFLGS=00010202
EBX=69696969 SS=0157 ESP=006bec70 EBP=00d3d9f0
ECX=00000000 DS=0157 ESI=00d2d9d4 FS=13bf
EDX=00d34000 ES=0157 EDI=e8686868 GS=0000
Bytes at CS:EIP:
8b 0a 33 cb bf ff fe fe 7e 03 f9 83 f1 ff 33 cf 
Stack dump:
00e11500 00d3301c 004176bb 00d3301c 00000069 00005690 00000020 0047e4fc 006bfda8 0047e4f0 00d33064 00005690 00d3305c 0041757e 00d3d9f0 00d2d9d4 

 [1999-01-12 11:06 UTC] rasmus
Fixed in CVS
 [2022-09-13 11:59 UTC] git@php.net
Automatic comment on behalf of derickr
Revision: https://github.com/php/doc-en/commit/bc70945d852c43eb03b4235e42af868d88931993
Log: Fixed #1059: DateTime::diff Not handling DST changes correctly
 