php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #23285 zendlex coredump
Submitted: 2003-04-20 05:42 UTC Modified: 2003-05-29 04:03 UTC
Votes:1
Avg. Score:1.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: momo@php.net Assigned: wez (profile)
Status: Closed Package: Scripting Engine problem
PHP Version: 4.3.3-dev OS: RH9
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: momo@php.net
New email:
PHP Version: OS:

 

 [2003-04-20 05:42 UTC] momo@php.net 
coz the zendlex() function is recursive for some cases, it's quite easy dumping zend core.

e.g, just repeat the comments enough times on the following script (i did it 500,000 times but may less is nedded):
<? /**/ /**/ /*....... /**/ ?>


is this consider a bug?

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-05-20 19:19 UTC] iliaa@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

It appears recent changes have resolved this bug.
 [2003-05-21 10:15 UTC] sniper@php.net 
It still happens for me (using gcc 2.95.3)..
 [2003-05-25 06:37 UTC] momo@php.net 
the bug still exists using gcc version 3.2.2 20030222 
here how u can easly reproduce it:

[root@moshe-lap php4]# cat ../../gen-php-seg.php
<?
$p = fopen("tmp","wb");
$str="";
for($a=0;$a<1024;$a++) $str.="/**/ ";
fwrite($p,"<? ");
for($a=0;$a<512;$a++) fwrite($p,$str);
fwrite($p," ?> ");
fclose($p);
?>

[root@moshe-lap php4]# ./sapi/cli/php ../../tmp
Segmentation fault
 [2003-05-28 16:39 UTC] wez@php.net 
Try this patch:
http://www.php.net/~wez/zendlex.diff
 [2003-05-28 20:05 UTC] sniper@php.net 
Yes, that patch makes it not to crash anymore.
If there aren't any side-effects of it..commit? :)
 [2003-05-29 04:03 UTC] wez@php.net 
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed Apr 24 05:01:30 2024 UTC