php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #38512 PCRE 6.6 crashing PHP with specific calls to preg_match()
Submitted: 2006-08-19 13:51 UTC Modified: 2006-08-22 08:14 UTC
Votes:15
Avg. Score:4.7 ± 1.0
Reproduced:7 of 12 (58.3%)
Same Version:7 (100.0%)
Same OS:1 (14.3%)
From: peter dot mescalchin at gmail dot com Assigned:
Status: Closed Package: PCRE related
PHP Version: 5.1.5 OS: Windows XP
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: peter dot mescalchin at gmail dot com
New email:
PHP Version: OS:

 

 [2006-08-19 13:51 UTC] peter dot mescalchin at gmail dot com 
Description:
------------
Passing large strings to PCRE functions in PHP versions 5.1.3 or greater and Apache 2.0.59 with the regexp "/(\r|\n|.)*/" crashes PHP/Apache request.

Referring to the source code, a string length greater than 376 character crashes the request.

Rolling back to PHP 5.1.2, using PCRE 6.2 works correctly without crashing for string lengths greater than 376 characters.

The bug is very similar to the following PHP bug report:

http://bugs.php.net/bug.php?id=24460

Reproduce code:
---------------
<?PHP

$test = str_repeat('a',377);

// preg_match() will crash the request
preg_match('/(\r|\n|.)*/',$test);

?>

Expected result:
----------------
The script to end gracefully.

Actual result:
--------------
Crashing of the PHP request.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-08-21 08:29 UTC] tony2001@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip
 [2006-08-22 08:11 UTC] peter dot mescalchin at gmail dot com 
The 5.2 build fixes the issue. This bug can be closed I guess.

Thanks.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 22:01:28 2024 UTC