Bug #62876 Stack Overflow on preg_replace
Submitted: 2012-08-20 21:04 UTC Modified: 2012-08-20 22:34 UTC
From: lart2150 at gmail dot com Assigned:
Status: Not a bug Package: PCRE related
PHP Version: Irrelevant OS: Windows/Linux/OSX
Private report: No CVE-ID: None
 [2012-08-20 21:04 UTC] lart2150 at gmail dot com
Description:
------------
When I run the test script PHP crashes. I have this issue with CLI 5.3.10, 5.3.16, and the 5.4 snapshot from the 15th on Windows (I can't find a newer snapshot for Windows). I have also reproduced this under mod_php and CLI builds from Zend Server and from Apple stock 10.7.

Test script:
---------------
<?php
$sql = "SELECT count(*) AS `count`, GROUP_CONCAT(error_log_id) AS `ids` FROM `error_log` WHERE (error_log_date BETWEEN DATE_SUB(NOW(), INTERVAL '15' MINUTE) AND NOW()) AND (error_log_msg_short = 'Cannot retrieve metadata for IdP \'http://10.246.220.59/saml2/idp/metadata.php\' because it isn\'t a valid IdP for this SP.') AND (error_log_request = 'array (\n  \'controller\' => \'saml\',\n  \'action\' => \'acs\',\n  \'source\' => \'optumsaml\',\n  \'module\' => \'default\',\n  \'SAMLResponse\' => \'\',\n)') LIMIT 1";
$match = "/'(\'|\\{2}|[^'])*'/";
$sql = preg_replace($match, '', $sql);



Expected result:
----------------
I expect PHP to return without any output or crashing.

Actual result:
--------------
Segmentation fault. I'm including the backtrace from Windows (stack overflow).
The raw .mht is at http://files.bengert.xanthos.soliantconsulting.com/CrashHang_Report__Date_08_20_2012__Time_03_28_13PM__753.mht

PHP5!MATCH+29
In php__PID__9988__Date__08_20_2012__Time_03_27_35PM__616__Second_Chance_Exception_C00000FD.dmp the assembly instruction at php5!match+29 in c:\php-5.4-snapshot\php5.dll from The PHP Group has caused a stack overflow exception (0xC00000FD) when trying to write to memory location 0x00aa2f44 on thread 0

 [2012-08-20 21:39 UTC] lart2150 at gmail dot com
This might be an issue with one of the more recent changes to PHP, as http://3v4l.org/3cm5f shows that with a smaller string for $sql (it won't let me use the full thing) PHP crashes for "5.3.10 - 5.3.16, 5.4.1 - 5.4.6" but works fine for "4.3.0 - 4.3.11, 4.4.0 - 4.4.9, 5.0.0 - 5.0.5, 5.1.0 - 5.1.6, 5.2.0 - 5.2.17, 5.3.0 - 5.3.9, 5.4.0"
 [2012-08-20 22:17 UTC] jbury at soliantconsulting dot com
I think this might be a case of a pathological regular expression. I tried converting the grouping parentheses to non-grouping, and it seems to have helped the regular expression complete matching on later versions of PHP, although it still fails on some older versions.

<?php

$sql = "'" . str_repeat('a', 10*1024);
$match = "/'(\'|\\{2}|[^'])*'/";
$sql = preg_replace($match, '', $sql);
var_dump($sql);
 [2012-08-20 22:21 UTC] jbury at soliantconsulting dot com
This version with non-grouping parentheses works on later versions of PHP:

<?php

$sql = "'" . str_repeat('a', 10*1024);
$match = "/'(?:\'|\\{2}|[^'])*'/";
$sql = preg_replace($match, '', $sql);
var_dump($sql);
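As an added example (not code from this report, from its commenters, or from PHP itself; it assumes PHP 7.1 or newer), the wrapper below runs the same kind of quote-stripping replacement under an explicit pcre.recursion_limit, maps preg_last_error() to a name so that a NULL result is not mistaken for a clean replacement, and uses a pattern in which no two alternatives can consume the same byte. The function names, the limit value and the sample queries are constructed for this illustration.

```php
<?php
// Added example, not code from the bug report or from PHP itself.
// In a PHP single-quoted string '\\' is one backslash and '\'' is one quote,
// so PCRE sees:  '(?:\\.|[^'\\])*'   Every byte between the quotes is consumed
// by exactly one alternative (an escape pair "\x", or a byte that is neither a
// quote nor a backslash), so the alternatives cannot overlap.
const SQL_STRING_LITERAL = '/\'(?:\\\\.|[^\'\\\\])*\'/s';

// Map preg_last_error() to a name (PHP < 8 has no preg_last_error_msg()).
function pcreErrorName(int $code): string
{
    $names = [
        PREG_NO_ERROR              => 'PREG_NO_ERROR',
        PREG_INTERNAL_ERROR        => 'PREG_INTERNAL_ERROR',
        PREG_BACKTRACK_LIMIT_ERROR => 'PREG_BACKTRACK_LIMIT_ERROR',
        PREG_RECURSION_LIMIT_ERROR => 'PREG_RECURSION_LIMIT_ERROR',
        PREG_BAD_UTF8_ERROR        => 'PREG_BAD_UTF8_ERROR',
    ];
    // With pcre.jit enabled (PHP >= 7.0) stack exhaustion is reported as this code.
    if (defined('PREG_JIT_STACKLIMIT_ERROR') && $code === PREG_JIT_STACKLIMIT_ERROR) {
        return 'PREG_JIT_STACKLIMIT_ERROR';
    }
    return $names[$code] ?? "unknown PCRE error $code";
}

// Runs the replacement under an explicit recursion limit and returns
// [result, errorName]. preg_replace() returns NULL when the engine gives up,
// which a caller must not confuse with "nothing matched".
function stripSqlStringLiterals(string $sql, string $recursionLimit = '10000'): array
{
    $previous = ini_set('pcre.recursion_limit', $recursionLimit);
    try {
        $out = preg_replace(SQL_STRING_LITERAL, "''", $sql);
        $err = preg_last_error();
    } finally {
        if ($previous !== false) {
            ini_set('pcre.recursion_limit', $previous); // restore the caller's setting
        }
    }
    return [$out, pcreErrorName($err)];
}

// Constructed inputs: a literal with an escaped quote and a backslash, and
// the unterminated 10 KiB quote from the comment above.
$queries = [
    "SELECT 1 FROM t WHERE a = 'it\\'s' AND b = 'C:\\\\temp' LIMIT 1",
    "'" . str_repeat('a', 10 * 1024),
];
foreach ($queries as $q) {
    [$result, $error] = stripSqlStringLiterals($q);
    printf("%-26s -> %s\n", $error, $result === null ? 'NULL' : substr($result, 0, 60));
}
```

The first query comes back with both literals emptied and PREG_NO_ERROR; whether the unterminated second input completes or reports a limit error depends on the PCRE build and the pcre.jit setting, which is exactly why the error code has to be checked rather than inferred from a NULL result.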
 [2012-08-20 22:34 UTC] felipe@php.net
-Status: Open +Status: Not a bug
 [2012-08-20 22:34 UTC] felipe@php.net
Stack overflows related to PCRE are known issues; it isn't a PHP issue.

Thanks.
 [2012-08-20 22:34 UTC] felipe@php.net
-Package: Regexps related +Package: PCRE related
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 07 09:01:27 2024 UTC