Bug #65009 preg_match segmentation fault with long strings
Submitted: 2013-06-10 19:19 UTC Modified: 2013-06-11 09:43 UTC
Votes:2
Avg. Score:3.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:1 (50.0%)
From: r dot hampartsumyan at gmail dot com Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 5.4.16 OS: Linux (Debian 6.0 and Mint 13)
Private report: No CVE-ID: None
 [2013-06-10 19:19 UTC] r dot hampartsumyan at gmail dot com
Description:
------------
When trying to match a longer string with the following regex, preg_match causes a segmentation fault - $pattern = "/^(?:%[[:xdigit:]]{2}|[A-Za-z0-9-_.!~*'()\[\];\/?:@&=+$,])*$/"; (this is the regex used in zf1's Zend_Uri_Http for validating queries).
Tested with 5.3.26, 5.4.16 and 5.5rc3
The fault is reproducible in cli as well as in apache context, though the length of the string needed may vary (for example, I managed to reproduce it in apache context with shorter string by activating a perl module that allocates more memory /the more memory used by the mod - the shorter the string that caused the fault/)

Test script:
---------------
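<?php
// 20000-character subject made only of characters the pattern accepts
$query = str_repeat("x", 20000);

$pattern = "/^(?:%[[:xdigit:]]{2}|[A-Za-z0-9-_.!~*'()\[\];\/?:@&=+$,])*$/";

// @ suppresses PHP-level warnings only
$status  = @preg_match($pattern, $query);

echo "success";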

Expected result:
----------------
"success"

Actual result:
--------------
(gdb) bt
#0  0x080db48a in match (eptr=0xb774ebee 'x' <repeats 200 times>..., ecode=<error reading variable: Cannot access memory at address 0xbf233f44>, 
    mstart=<error reading variable: Cannot access memory at address 0xbf233f5c>, offset_top=2, md=<error reading variable: Cannot access memory at address 0xbf233f58>, 
    eptrb=<error reading variable: Cannot access memory at address 0xbf233f54>, rdepth=11624) at /home/rado/phpsrcs/php-src/ext/pcre/pcrelib/pcre_exec.c:500
#1  0x080dc235 in match (eptr=0xb774ebee 'x' <repeats 200 times>..., ecode=0x972c8dd "}", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11623)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:1069
#2  0x080de3f5 in match (eptr=0xb774ebee 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11622)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#3  0x080de3f5 in match (eptr=0xb774ebed 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11621)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#4  0x080de3f5 in match (eptr=0xb774ebec 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11620)
    at /usr/local/phpsrcs/5.4.16/phpsrcs/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#5  0x080de3f5 in match (eptr=0xb774ebeb 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11619)
    at /usr/local/phpsrcs/5.4.16/phpsrcs/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#6  0x080de3f5 in match (eptr=0xb774ebea 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11618)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#7  0x080de3f5 in match (eptr=0xb774ebe9 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11617)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#8  0x080de3f5 in match (eptr=0xb774ebe8 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11616)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#9  0x080de3f5 in match (eptr=0xb774ebe7 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11615)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#10 0x080de3f5 in match (eptr=0xb774ebe6 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11614)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#11 0x080de3f5 in match (eptr=0xb774ebe5 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11613)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
#12 0x080de3f5 in match (eptr=0xb774ebe4 'x' <repeats 200 times>..., ecode=0x972c92c "s", mstart=0xb774be88 'x' <repeats 200 times>..., offset_top=2, md=0xbfa2f714, eptrb=0x0, rdepth=11612)
    at /usr/local/phpsrcs/5.4.16/php-src/ext/pcre/pcrelib/pcre_exec.c:2039
.................

History

 [2013-06-10 21:11 UTC] ab@php.net
-Status: Open +Status: Feedback
 [2013-06-10 21:11 UTC] ab@php.net
Already tried to increase the backtrack and recursion limit?
 [2013-06-10 21:30 UTC] r dot hampartsumyan at gmail dot com
Setting a big enough value for pcre.backtrack_limit would solve the problem but shouldn't this emit some pcre error instead of segfault? According to the example in http://php.net/manual/en/function.preg-last-error.php this should be a catchable error
 [2013-06-11 09:43 UTC] ab@php.net
-Status: Feedback +Status: Not a bug
 [2013-06-11 09:43 UTC] ab@php.net
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

This kind of issue cannot be caught by the error handler because it happens on a lower level.
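
A defensive way to run the check from this report, as an added example (not code from the report, from PHP itself, or from Zend Framework): cap the input length, keep pcre.recursion_limit low enough for the process stack so that PCRE stops with an error preg_last_error() can report, and, going beyond the thread, validate the same character rules with a linear scan that involves no regex engine recursion. The function and constant names, the 8192-byte cap and the limit of 1000 are assumptions; PHP 7.0 or later is assumed.

```php
<?php
// Added example. The pattern is the report's; names, the length cap and the limit value are assumptions.
const PATTERN = '/^(?:%[[:xdigit:]]{2}|[A-Za-z0-9-_.!~*\'()\[\];\/?:@&=+$,])*$/';
const ALLOWED = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_.!~*\'()[];/?:@&=+$,';
const MAX_QUERY_BYTES = 8192;   // assumed application cap on input length

/** Run the report's pattern; a PCRE limit hit becomes an exception instead of a silent false. */
function guarded_match(string $subject): bool
{
    if (strlen($subject) > MAX_QUERY_BYTES) {
        throw new LengthException('query longer than ' . MAX_QUERY_BYTES . ' bytes');
    }
    $result = preg_match(PATTERN, $subject);
    if ($result === false) {
        $names = [
            PREG_BACKTRACK_LIMIT_ERROR => 'PREG_BACKTRACK_LIMIT_ERROR',
            PREG_RECURSION_LIMIT_ERROR => 'PREG_RECURSION_LIMIT_ERROR',
            PREG_JIT_STACKLIMIT_ERROR  => 'PREG_JIT_STACKLIMIT_ERROR',
        ];
        $code = preg_last_error();
        throw new RuntimeException('preg_match failed: ' . ($names[$code] ?? "code $code"));
    }
    return $result === 1;
}

/** Same character rules checked with a linear scan, so no regex engine recursion is involved. */
function linear_match(string $subject): bool
{
    $len = strlen($subject);
    for ($i = 0; $i < $len; ) {
        $i += strspn($subject, ALLOWED, $i);      // skip a run of allowed characters
        if ($i === $len) { break; }
        // Anything else must be a complete %XX escape.
        if ($subject[$i] !== '%' || $i + 2 >= $len || !ctype_xdigit(substr($subject, $i + 1, 2))) {
            return false;
        }
        $i += 3;
    }
    return true;   // stricter than the regex: a trailing "\n" is rejected here
}

// A recursion limit that fits the process stack lets PCRE stop itself before the OS does.
ini_set('pcre.recursion_limit', '1000');   // assumed value; tune to the stack size (ulimit -s)
$query = str_repeat('x', 5000);            // constructed input, shorter than the report's
var_dump(linear_match($query));
try {
    var_dump(guarded_match($query));
} catch (Exception $e) {
    echo get_class($e), ': ', $e->getMessage(), "\n";
}
```

Whether the guarded call returns a match or raises a limit error depends on the PCRE version and on whether the PCRE JIT is enabled in the PHP build.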
 
Last updated: Fri May 03 10:01:31 2024 UTC