php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45488 preg_replace failed when the $subject parameter length exceeds 100009
Submitted: 2008-07-11 17:57 UTC Modified: 2008-07-12 16:06 UTC
From: webez dot cn at gmail dot com Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 5.2.6 OS: *
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: webez dot cn at gmail dot com
New email:
PHP Version: OS:

 

 [2008-07-11 17:57 UTC] webez dot cn at gmail dot com
Description:
------------
if the $subject parameter's length exceeds 100009, str_replace has no return value.

This has been reproduced on windows 2003 with php 5.2.6 and Linux with php 5.2.5

PS:
If there is backslash in the $subject parameter and $pattern parameter, the critical poiont will change, the maximum string length to reproduce this bug will increase.

Reproduce code:
---------------
<?
$dummyText=str_pad("[start]",100016-strlen("[start][end]"),"*")."[end]";
str_replace_test($dummyText);
$dummyText=str_pad("[start]",100017-strlen("[start][end]"),"*")."[end]";
str_replace_test($dummyText);
function str_replace_test($dummyText){
	$result=preg_replace("/\[start\](.+?)\[end\]/eis","passed",$dummyText);
	$result==""?$result="failed":true;
	echo "str_replace with length: ".strlen($dummyText)." ".$result."<br>";
}
?>

Expected result:
----------------
str_replace with length: 100009 passed
str_replace with length: 100010 passed

Actual result:
--------------
str_replace with length: 100009 passed
str_replace with length: 100010 failed

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-07-12 16:06 UTC] felipe@php.net
This is expected, it when fails preg_last_error() returns: int(2)
That means PREG_BACKTRACK_LIMIT_ERROR.

See http://docs.php.net/manual/en/pcre.configuration.php#ini.pcre.backtrack-limit
 [2010-06-25 14:02 UTC] daniel dot reiche at tu-dresden dot de
if this is intended, shouldn't the manual reflect that and e.g. state that the subject length is limited by PCRE_BACKTRACK_LIMIT ?

Just happened to stumble over this myself, and only the Bug-Report Dialog showed this bug to me after i tried to write a new one.
Was not able to find it myself using the search!
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Oct 06 08:01:26 2024 UTC