PHP :: Bug #46754 :: Infinite recursion in _

Bug #46754	Infinite recursion in __toString method causes crash
Submitted:	2008-12-05 02:52 UTC	Modified:	2012-03-14 17:21 UTC
From:	kalle@php.net	Assigned:
Status:	Not a bug	Package:	Scripting Engine problem
PHP Version:	5.2.6	OS:	*
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2008-12-05 02:52 UTC] kalle@php.net

Description:
------------
Same type of crash as reported in #46156, instead of a crash a memory_limit error is expected.

Reproduce code:
---------------
<?php
	class Crash
	{
		public function __toString()
		{
			return((string) new self);
		}
	}

	echo new Crash;
?>

Expected result:
----------------
memory_limit error

Actual result:
--------------
Crash

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-12-05 09:31 UTC] derick@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Infinite recursion crashes, and always has. This should work in PHP 5.3 though, as we don't generally use stack for recursion anymore.

[2012-03-14 16:38 UTC] mail at willdaniels dot co dot uk

Using 5.3.10 infinite recursion in __toString still causes a segmentation fault.

Are you really saying that it's OK to just leave the possibility for arbitrary PHP scripts to cause segfaults, potentially taking down a whole webserver process when using PHP as a shared library?

Maybe a webserver _can_ implement ways to handle such things, but not all do, and infinite recursion in normal class methods dies more gracefully.

IMHO preventable segfaults are just too serious to ignore in something that is _intended_ to be usable as a shared library, so I think this is valid a bug.

[2012-03-14 17:20 UTC] rasmus@php.net

No, it isn't ok which is why it is fixed in PHP 5.3 which was released 3 years 
ago.

[2012-03-14 17:21 UTC] rasmus@php.net

Oops, sorry, misread. I was reading the original report. The case reported was 
fixed.

[2012-03-15 02:22 UTC] mail at willdaniels dot co dot uk

The case reported is the same as my issue and the code posted in the original report still segfaults for me using 5.3.10.

Admittedly I am using a packaged build from the current Ubuntu development branch ("precise" 12.04) and I know that Debian/Ubuntu do plenty of their own patching of the PHP sources, which I have sometimes found to create problems that don't otherwise exist.

So that is why I came straight to the "upstream" bug tracker to see if the issue was known to exist for purer and/or newer builds. But how then to interpret the exact same bug already reported years back and rejected for being "not a bug"? There didn't seem to be any point in pursuing the issue in that case, hence some annoyance in my tone.

But if PHP would indeed be interested to fix it, I'll check using latest, unaltered sources and file a new bug if it's still an issue...

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 01:01:28 2024 UTC