PHP :: Bug #61068 :: Regexp crashes http server

Bug #61068	Regexp crashes http server
Submitted:	2012-02-13 08:53 UTC	Modified:	2012-02-22 09:49 UTC
From:	bald at epf dot pl	Assigned:
Status:	Not a bug	Package:	PCRE related
PHP Version:	5.3.10	OS:	Windows 7
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	bald at epf dot pl
New email:
PHP Version:		OS:

New Comment:

[2012-02-13 08:53 UTC] bald at epf dot pl

Description:
------------
Regular expression crashes http server. It's all because character < at the beginning of te string.

Test script:
---------------
<?php

$string = '< PASS_COUNT; i++) { if (strcmp(password, PASSWD2) == 0) continue;	 } c++; if (c == 3) break; }	 // Tu wlasciwe sprawdzanie hasla }dku gdy liczy sie wydajnosc, gdyz petle zabieraja niestety troche czasu :( ale jest to niewiele i w sumie to nie czuc roznicy. Kolejna sprawa jest sposob porownywania hasla. NIGDY nie dokonuj deszyfracji klucza w programie (mam nadzieje ze chociaz szyfrujesz klucze :)). Jest to pierwsza i najwazniejsza zasada ! Wiec jak sprawdzic czy wprowadzony klucz jest poprawny. Zaszyfruj go i porownaj zaszyfrowane klucze. Ktos kto sledzi Twoj program ma wtedy utrudnione zadanie, a gdy poprawny klucz jest deszyfrowany to ktos sobie przejdzie do momentu az klucz bedzie zdeszyforwany i tylko go spisze. Od metody szyfracji zalezy bezpieczenstwo Twojego programu wiec staraj sie dobierac algorytm, ktory dobrze szyfruje (nie mowie tu o Triple-DES itp. ;) ). Marzeniem bylby algorytm jednostronny, ktorego odszyfrowania jest trudniejsze niz brute-force ale na to nie licz. Najlepiej ';
preg_match('~(</?)(\w*)((/(?!>)|[^/>])*)(/?>)~', $string, $matches);

?>

Expected result:
----------------
Blank page.

Actual result:
--------------
Apache fails.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-02-13 09:01 UTC] rasmus@php.net

-Status: Open +Status: Feedback

[2012-02-13 09:01 UTC] rasmus@php.net

I was unable to reproduce any sort of Apache crash with this code on Linux. Are 
you really on XP? What does it say in your Apache logs?

[2012-02-13 10:43 UTC] bald at epf dot pl

Sorry, it's Windows 7. Apache logs does not really say anything. This regular expression just kills my httpd.exe proccess. Works fine without character < at the begining of the $string variable.

[2012-02-13 10:43 UTC] bald at epf dot pl

-Status: Feedback +Status: Open -Operating System: Windows XP +Operating System: Windows 7

[2012-02-13 11:37 UTC] bald at epf dot pl

Apache version: 2.2.22
I downloaded thread safe version of PHP. 

Works fine when I use command line:

php test.php

[2012-02-15 00:57 UTC] aharvey@php.net

-Status: Open +Status: Feedback -Package: *Regular Expressions +Package: PCRE related

[2012-02-15 00:57 UTC] aharvey@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

Works for me, too. I don't think we can really progress this without a backtrace.

[2012-02-22 07:37 UTC] pajoye@php.net

It is not something PHP is responsible for. The stacksize of Apache is too 
small, it works in PHP's cli because PHP builds have a larger default stacksize.

You can increase it using this config option:

http://httpd.apache.org/docs/2.2/mod/mpm_common.html#ThreadStackSize

or change the default stacksize of the Apache binaries:

http://msdn.microsoft.com/en-us/library/xd3shwhf.aspx

[2012-02-22 07:37 UTC] pajoye@php.net

-Status: Feedback +Status: Not a bug

[2012-02-22 08:29 UTC] JBlond at gmail dot com

It would be cool to know which ThreadStackSize in the httpd.conf is "enough" to run your code.

[2012-02-22 09:16 UTC] pajoye@php.net

@jbond

simply increase the apache binaries default stack to 8MB (process) using editbin 
and it should work for most php users.

[2012-02-22 09:49 UTC] bald at epf dot pl

Setting ThreadStackSize to 295536 works for me (Windows 7). Thanks. 

P.S. This regular expression (~(</?)(\w*)((/(?!>)|[^/>])*)(/?>)~) comes from Zend 
Framework (HTML filter class), so that may cause problems on application based on 
Zend Framework.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Mon Nov 25 01:01:31 2024 UTC