php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #50098 preg_replace cause Apache error and retart.
Submitted: 2009-11-06 09:18 UTC Modified: 2011-09-05 09:23 UTC
Votes:3
Avg. Score:4.3 ± 0.5
Reproduced:3 of 3 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (33.3%)
From: zhongxueming at gmail dot com Assigned:
Status: No Feedback Package: Scripting Engine problem
PHP Version: 5.2.11 OS: Windows XP, Windows Server 2003
Private report: No CVE-ID: None
View Developer Edit
 [2009-11-06 09:18 UTC] zhongxueming at gmail dot com 
Description:
------------
When I execute a sql by Zend DB, I got a connection error, 
and found an error in apache error log. 
After tracking, I found the problem is preg_replace function.
I think you can replay this problem by the test code.

Env:
 Windows XP, Windows Server 2003
 Apache 2.2.13
 PHP php-5.2.11

 

Reproduce code:
---------------
function testPregReplace() {
	$sql = "SELECT \"t_skill_label\".\"c_name\" FROM \"t_skill_label\" WHERE (\"c_name\" = '????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????') AND (\"c_id\" != '3') LIMIT 1";
	echo preg_replace("/'(''|\\\\{2}|[^'])*'/", '', $sql);
}
testPregReplace();


Expected result:
----------------
Apache not be restarted.

Actual result:
--------------
This test code will cause apache error. 
You can confirm it in the apache error log.
The browser display a connection error.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-11-07 21:31 UTC] felipe@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
 [2009-11-15 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2011-09-05 08:30 UTC] csnaitsirch at web dot de 
Hi. I think I have the same problem like the editor of this bug.

I am using PHP 5.3.8 on Windows 7. But my RegEx is a little bit different. The bug occurs only on Windows if the script is executed via Apache. I have no problems on Linux and no problem if I execute the script via Windows Shell. Debug and APC modules are deactivated already.

I have generated a backtrace already, but I don't know where to upload it.

Reproduce code:
---------------
<?php
$sql = "INSERT INTO `oo` (`to`,`subject`,`text`,`creation_time`) VALUES ('','',''),('','','',''),('','','','ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo')";

$sql = preg_replace("/'(\\'|\\{2}|[^'])*'/", '', $sql);
echo $sql;
?>


Expected result:
---------------
INSERT INTO `oo` (`to`,`subject`,`text`,`creation_time`) VALUES ()

Actual result:
---------------
The connection to the server is refused.
But if I remove one or more of the many 'o's, the script works fine.
 [2011-09-05 09:23 UTC] pajoye@php.net 
Increase Apache's stack and it will work. It is not a bug in php (see other bugs 
to see how to increase the stack size).
 [2011-09-05 10:19 UTC] csnaitsirch at web dot de 
Sorry, but I could not find any bugs where it is described how to increase stack size.
I tried to increase Apache's 'ThreadStackSize' to '32MB' but it does not make any difference.

A hint at this problem on the documentation of 'preg_replace' would be nice. Maybe with a link to a small manual how to resolve the problem.

A PHP error message would be a nice improvement. PHP should not overstock Apache's stack. Isn't there any possibility for a check?
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri May 09 06:01:27 2025 UTC