php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52990 PHP crash when PCRE exceed recursion limit.
Submitted: 2010-10-05 07:44 UTC Modified: 2010-10-07 04:10 UTC
From: sarun37823 at bigfoot dot com Assigned:
Status: Duplicate Package: PCRE related
PHP Version: 5.2.14 OS: *nix
Private report: No CVE-ID: None
 [2010-10-05 07:44 UTC] sarun37823 at bigfoot dot com
Description:
------------
Hello, I've got "Zero Sized Reply" when I try to replace a long string with PCRE.

Test script:
---------------
<?php
$strtest='';
for($i=0; $i<1024; $i++)$strtest.=chr(rand(1, 254));
$strtest.='B';
for($i=0; $i<1024*512; $i++)$strtest.=chr(rand(1, 254));
$strtest.='signature';
for($i=0; $i<1024; $i++)$strtest.=chr(rand(1, 254));

preg_replace('/b(?:.(?!signature))*.(sig.+)/sim', 'null${1}', $strtest);
?>

Expected result:
----------------
blank page

Actual result:
--------------
ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: *******

The following error was encountered: 
Zero Sized Reply 

Squid did not receive any data for this request. 

Your cache administrator is *******.
Generated Tue, 05 Oct 2010 05:28:19 GMT by ******* (squid/2.7.STABLE3)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-10-07 04:10 UTC] aharvey@php.net
-Status: Open +Status: Duplicate
 [2010-10-07 04:10 UTC] aharvey@php.net
Duplicate of an absolute tonne of bugs; most recently bug #52818.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Dec 10 05:01:26 2024 UTC