php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #55819 segfault on mb_ereg_replace_callback
Submitted: 2011-09-30 08:06 UTC Modified: 2011-10-07 04:26 UTC
From: laruence@php.net Assigned: laruence (profile)
Status: Closed Package: mbstring related
PHP Version: 5.4SVN-2011-09-30 (SVN) OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: laruence@php.net
New email:
PHP Version: OS:

 

 [2011-09-30 08:06 UTC] laruence@php.net 
Description:
------------
there are two segfault when run test of mbstring:
Test mb_ereg_replace() function : usage variations 
[ext/mbstring/tests/mb_ereg_replace_variation2.phpt]
Test mb_ereg_replace() function : usage variations 
[ext/mbstring/tests/mb_ereg_replace_variation3.phpt]


Expected result:
----------------
pass

Actual result:
--------------
segfault:
#0  0x0000000000653edc in _php_mb_regex_ereg_replace_exec (ht=4, 
return_value=0x2a95de6768, return_value_ptr=0x0, this_ptr=0x0, 
return_value_used=1, options=0, is_callable=0)
    at /home/huixc/opensource/php-src/trunk/ext/mbstring/php_mbregex.c:924
924						if ((replace_len - i) >= 2 && 
fwd == 1 &&
(gdb) bt
#0  0x0000000000653edc in _php_mb_regex_ereg_replace_exec (ht=4, 
return_value=0x2a95de6768, return_value_ptr=0x0, this_ptr=0x0, 
return_value_used=1, options=0, is_callable=0)
    at /home/huixc/opensource/php-src/trunk/ext/mbstring/php_mbregex.c:924
#1  0x000000000065531f in zif_mb_ereg_replace (ht=4, return_value=0x2a95de6768, 
return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /home/huixc/opensource/php-src/trunk/ext/mbstring/php_mbregex.c:1031
#2  0x00000000008d3de6 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x2a95dac0e8) at /home/huixc/opensource/php-
src/trunk/Zend/zend_vm_execute.h:642
#3  0x00000000008da583 in ZEND_DO_FCALL_SPEC_CONST_HANDLER 
(execute_data=0x2a95dac0e8) at /home/huixc/opensource/php-
src/trunk/Zend/zend_vm_execute.h:2215
#4  0x00000000008d2aea in execute (op_array=0x2a95de03b0) at 
/home/huixc/opensource/php-src/trunk/Zend/zend_vm_execute.h:410
#5  0x000000000089b19f in zend_execute_scripts (type=8, retval=0x0, 
file_count=3) at /home/huixc/opensource/php-src/trunk/Zend/zend.c:1271
#6  0x000000000081bb23 in php_execute_script (primary_file=0x7fbffff400) at 
/home/huixc/opensource/php-src/trunk/main/main.c:2391
#7  0x00000000009bb061 in do_cli (argc=66, argv=0x7fbffff6e8) at 
/home/huixc/opensource/php-src/trunk/sapi/cli/php_cli.c:983
#8  0x00000000009bbf02 in main (argc=66, argv=0x7fbffff6e8) at 
/home/huixc/opensource/php-src/trunk/sapi/cli/php_cli.c:1356

Patches

bug55819.diff (last revision 2011-09-30 15:14 UTC by laruence@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-09-30 15:14 UTC] laruence@php.net 
The following patch has been added/updated:

Patch Name: bug55819.diff
Revision:   1317395694
URL:        https://bugs.php.net/patch-display.php?bug=55819&patch=bug55819.diff&revision=1317395694
 [2011-09-30 15:16 UTC] laruence@php.net
-PHP Version: 5.3.8 +PHP Version: 5.4.0beta1 -Assigned To: +Assigned To: hirokawa
 [2011-09-30 15:16 UTC] laruence@php.net 
hirokawa, plz look at this, thanks :)
 [2011-10-01 04:06 UTC] laruence@php.net
-PHP Version: 5.4.0beta1 +PHP Version: 5.3SVN-2011-09-30 (SVN)
 [2011-10-01 04:06 UTC] laruence@php.net 
this segfault only exists in svn trunk now.
 [2011-10-06 13:23 UTC] laruence@php.net
-PHP Version: 5.3SVN-2011-09-30 (SVN) +PHP Version: 5.4SVN-2011-09-30 (SVN) -Assigned To: hirokawa +Assigned To: laruence
 [2011-10-06 13:23 UTC] laruence@php.net 
Assign to myself, and will cc to hirokawa, ask for his review.
 [2011-10-07 04:23 UTC] laruence@php.net
-Summary: segfault on mbstring tests +Summary: segfault on mb_ereg_replace_callback
 [2011-10-07 04:23 UTC] laruence@php.net 
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&revision=317850
Log: Fix #55819 crash on mb_ereg_replace_callback
Need hirokawa to review this.
 [2011-10-07 04:26 UTC] laruence@php.net
-Status: Assigned +Status: Closed
 [2011-10-07 04:26 UTC] laruence@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-04-18 09:48 UTC] laruence@php.net 
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c8ff0fe2542c296eda4e337a308ac9bb4e2df1ed
Log: Fix #55819 crash on mb_ereg_replace_callback Need hirokawa to review this.
 [2012-07-24 23:39 UTC] rasmus@php.net 
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c8ff0fe2542c296eda4e337a308ac9bb4e2df1ed
Log: Fix #55819 crash on mb_ereg_replace_callback Need hirokawa to review this.
 [2013-11-17 09:36 UTC] laruence@php.net 
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c8ff0fe2542c296eda4e337a308ac9bb4e2df1ed
Log: Fix #55819 crash on mb_ereg_replace_callback Need hirokawa to review this.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 02:01:28 2024 UTC