php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #40630 preg_match_all with a particular regexp causes run-away php/apache process
Submitted: 2007-02-25 20:02 UTC Modified: 2007-03-12 00:59 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: mfburdett at gmail dot com Assigned:
Status: Closed Package: PCRE related
PHP Version: 5.2.1 OS: FreeBSD 6.2
Private report: No CVE-ID: None
 [2007-02-25 20:02 UTC] mfburdett at gmail dot com
Description:
------------
preg_match_all with a particular regexp causes a run-away Apache/PHP processes which consumes all available CPU.  This is on amd64 architecture; FreeBSD 6.2; PCRE 7.0 and PHP 5.2.1 installed through FreeBSD ports.

Reproduce code:
---------------
$regexp = '%(?:^|,\ *)("(?>[^"]*)(?>""[^"]* )*"|(?: [^",]*))%x';
preg_match_all($regexp, $string, $matches);

Expected result:
----------------
It should compile and execute.

Actual result:
--------------
Process consumes all available CPU until killed.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-02-25 23:07 UTC] nlopess@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip


 [2007-02-26 00:28 UTC] mfburdett at gmail dot com
At the moment I don't have access to a non-production amd64 box, so I cannot test the snapshot.  I cannot reproduce the issue on a i386 box.
 [2007-02-26 09:31 UTC] tony2001@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2007-02-26 16:32 UTC] mfburdett at gmail dot com
<?php 
  $regexp = '%(?:^|,\ *)("(?>[^"]*)(?>""[^"]* )*"|(?: [^",]*))%x'; 
  preg_match_all($regexp, $string, $matches); 
?>
 [2007-02-26 16:35 UTC] tony2001@php.net
Notice: Undefined variable: string 
 [2007-02-26 16:36 UTC] mfburdett at gmail dot com
<?php 
  $regexp = '%(?:^|,\ *)("(?>[^"]*)(?>""[^"]* )*"|(?: [^",]*))%x'; 
  $string = ''; 
  preg_match_all($regexp, $string, $matches); 
?>
 [2007-02-26 16:46 UTC] tony2001@php.net
Does PHP CLI work for you?
What kind of Apache are you using? Version? MPM?
Can you provide a GDB backtrace?
Can you try building the snapshot (doesn't matter where, you don't have to install it, just build it and run the script using sapi/cli/php).
 [2007-02-26 18:07 UTC] mfburdett at gmail dot com
Same issue running the script via PHP commandline.  Am installing snapshot in home directory now.
 [2007-02-26 18:18 UTC] mfburdett at gmail dot com
I tested cli php5.2-200702261730 and the issue appears to be resolved in that snapshot.
 [2007-02-26 18:22 UTC] tony2001@php.net
Great, marking as closed then.
Please reopen the report if the issue re-appears and/or you have any additional information.
 [2007-03-12 00:59 UTC] mfburdett at gmail dot com
This issue has been resolved in FreeBSD Ports.
http://www.freebsd.org/cgi/query-pr.cgi?pr=109542 
http://www.freebsd.org/cgi/cvsweb.cgi/ports/lang/php5/Makefile.ext.diff?r1=1.41&r2=1.42&f=h
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sun Nov 17 07:01:34 2019 UTC