php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #39387 preg_match/replace segfaults on certain user data.
Submitted: 2006-11-05 00:49 UTC Modified: 2006-12-01 20:23 UTC
Votes:3
Avg. Score:4.7 ± 0.5
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:0 (0.0%)
From: php at vicaya dot com Assigned: andrei (profile)
Status: Not a bug Package: PCRE related
PHP Version: 5.2.0 OS: Linux/amd64
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: php at vicaya dot com
New email:
PHP Version: OS:

 

 [2006-11-05 00:49 UTC] php at vicaya dot com 
Description:
------------
Both PHP 5.2.0 (pcre 6.7) and 5.1.6 (pcre 6.6) have this problem:

A working pattern segfaults on certain user data. Could be stack overflow in pcre_exec/match.

This patterns is almost straight from the documentation:
/\{(?:(?>[^{}]+)|(?R))+\}/Us

Basically to match nested {} (instead of parentheses)

I found a simple workaround to the particular problem I have, but the code should not segfault.

Note if you change the 12000 in the code to anything less than 8158, it will produce the correct result.

Reproduce code:
---------------
<?= preg_match('/{(?:(?>[^{}]+)|(?R))+}/Us',
    '{open'. str_repeat('.', 12000) .'{open}'), "\n"?>


Expected result:
----------------
1

Actual result:
--------------
Segmentation fault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-12-01 20:23 UTC] nlopess@php.net 
another stack overflow problem. you can use the new ini settings to prevent the segfault or increase the stack size.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Jul 03 19:01:35 2025 UTC