PHP :: Bug #23633 :: Seg. Fault on ugly preg matching

Bug #23633	Seg. Fault on ugly preg matching
Submitted:	2003-05-14 23:22 UTC	Modified:	2003-05-15 09:21 UTC
From:	sprice at wisc dot edu	Assigned:
Status:	Not a bug	Package:	PCRE related
PHP Version:	4CVS-2003-05-14 (stable)	OS:	Mac OS 10.2.6
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	sprice at wisc dot edu
New email:
PHP Version:		OS:

New/Additional Comment:

[2003-05-14 23:22 UTC] sprice at wisc dot edu

This code:
<?php
$glossary = file_get_contents( '/Users/sprice/Desktop/
glossary.htm' );
$matches = array();

preg_match_all( '/<td width="140"><b><font face="Arial, 
Helvetica, sans-serif" size="2">(\S|\s)+<\/font><\/
b><\/td>\s+<td width="525">/', $glossary, $matches );
?>
(glossary.htm can be found here:
http://botit.botany.wisc.edu/courses/structure_cd/
glossary.htm )

causes a segmentation fault (at least when run from the 
CLI). I suspect it is because it matches approx. 25764 
(227^2/2) things in the given html document. This also 
occurs when you replace preg_match_all() with 
preg_match().

This is output from GDB (Someone might want to 
duplicate results because I don't know what I am doing 
w/ GDB):
Program received signal EXC_BAD_ACCESS, Could not 
access memory.
match (eptr=0x49907f "ze=\"2\">multiple \r\n", ' ' 
<repeats 18 times>, "nuclei bounded by a single cell 
wall</font></td>\r\n", ' ' <repeats 14 times>, "</
tr>\r\n", ' ' <repeats 14 times>, "<tr> \r\n", ' ' 
<repeats 16 times>, "<td width=\"140\"><b><font 
face=\"Arial, Helvetica, sans-se"..., ecode=0x46f62f 
"=", offset_top=4, md=0xbfffd790, ims=0, 
eptrb=0xbff80290, flags=2) at /usr/local/php/php4-
STABLE-200305150330/ext/pcre/pcrelib/pcre.c:4136
4136    {


I can see why PHP would crash, but any crash is a bad 
crash, no?

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-05-15 09:21 UTC] sniper@php.net

See bug #13618 and bug #20698

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 22:01:29 2024 UTC