php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #70868 PCRE JIT and pattern reuse segfault
Submitted: 2015-11-06 01:19 UTC Modified: 2015-11-06 01:32 UTC
From: marcio@php.net Assigned:
Status: Closed Package: PCRE related
PHP Version: 7.0.0RC6 OS:
Private report: No CVE-ID:
 [2015-11-06 01:19 UTC] marcio@php.net
Description:
------------
It seems there is a conflict when reusing patters while PCRE JIT is enabled, causing a segfault. It's an obscure bug that I couldn't find a solution and had to disable PCRE JIT to get things working.

These are the (strange) requirements to reproduce the segfault:

1) code MUST be namespaced;
2) code must be run on a non debug build;
3) a preg_replace call must happen while iterating over a regex iterator or derivated;
4) both the preg_replace and the regex iterator instance involved must have the exact same regexp patter;

The test script may be easier to understand. Requirement 1 is really a mystery to me :/


Test script:
---------------
<?php

namespace X;

$iterator =
    new \RegexIterator(
        new \ArrayIterator(['A.phpt', 'B.phpt', 'C.phpt']),
        '/\.phpt$/'
    )
;

foreach ($iterator as $foo) {
    var_dump($foo);
    preg_replace('/\.phpt$/', '', '');
}

echo "Done", PHP_EOL;

?>

Expected result:
----------------
No segfault.

Actual result:
--------------
Segfault.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-11-06 01:32 UTC] marcio@php.net
phpt test pull requested at https://github.com/php/php-src/pull/1621
 [2015-11-06 03:39 UTC] laruence@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=27aef97f658dd956db0cf4145963d9d57d31dacc
Log: Fixed bug #70868 (PCRE JIT and pattern reuse segfault)
 [2015-11-06 03:39 UTC] laruence@php.net
-Status: Open +Status: Closed
 [2015-11-09 18:12 UTC] ab@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=3d8c4a37a528941a84d5bd7f7e6439d267e43776
Log: Fixed bug #70868 (PCRE JIT and pattern reuse segfault)
 [2016-07-20 11:35 UTC] davey@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=27aef97f658dd956db0cf4145963d9d57d31dacc
Log: Fixed bug #70868 (PCRE JIT and pattern reuse segfault)
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sat Apr 29 17:01:36 2017 UTC