php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #47962 preg_split cause Segmentation Fault
Submitted: 2009-04-13 15:50 UTC Modified: 2009-04-13 16:28 UTC
From: poltorak at alsenet dot com Assigned:
Status: Closed Package: PCRE related
PHP Version: 5.2.6 OS: Ubuntu Linux
Private report: No CVE-ID: None
 [2009-04-13 15:50 UTC] poltorak at alsenet dot com
Description:
------------
This code cause segmentation fault in PHP Version 5.2.6-2ubuntu4.1
I can't check it on 5.2.9 for now. Please check.

If I reduce 200 (in for cycle) to 100, everything works.
If I delete ",'1'" at the end of $t string, everything works.


Reproduce code:
---------------
<?
  $t = "'1','8','10','1','5','3','0','0','0','4','2','9','0','1';";

  $a = "";
  for ($i=0; $i<200; $i++)
   $a .= $t;

  print preg_split("/;+(?=([^'|^\\\']*['|\\\'][^'|^\\\']*['|\\\'])*[^'|^\\\']*[^'|^\\\']$)/", $a);
?>


Expected result:
----------------
Array

Actual result:
--------------
Segmentation Fault in error_log and empty page in browser.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-13 16:28 UTC] jani@php.net
Works fine with PHP 5.2.9. Update!
 [2015-11-27 06:07 UTC] qp10509 at gmail dot com
The same error occurred!!!

OS : Macintosh OSX 10.9.5
PHPVersion : [5.5.10] [5.4.26] [5.3.28] [5.2.17]
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Jan 23 17:01:23 2021 UTC