php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73724 AddressSanitizer: stack-overflow pcre_exec.c:6359 in php_pcre_exec
Submitted: 2016-12-12 15:51 UTC Modified: 2016-12-12 16:10 UTC
From: rs at revskills dot cz Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 7.1.0 OS: linux
Private report: No CVE-ID: None
 [2016-12-12 15:51 UTC] rs at revskills dot cz
Description:
------------
AddressSanitizer: stack-overflow pcre_exec.c:6359 in php_pcre_exec

Test script:
---------------
<?php

function replace_variables($text, $params) {
	
	$c = function($matches) use (&$params, &$text) {
		$text = preg_replace( '/(\?)/', array_shift( $params ), $text, 1 );
echo replace_variables('a=?, b=?', array('0', '1')) . "\n";
	};

	preg_replace_callback( '/(\?)/', $c, $text );
	
	return $text;
}

echo replace_variables('a=?', array('0')) . "\n";
echo replace_variables('a=?, b=?', array('0', '1')) . "\n";
echo replace_variables('a=?, b=?, c=?', array('0', '1', '2')) . "\n";
echo "Done\n";
?>


Actual result:
--------------
=================================================================
==19382==ERROR: AddressSanitizer: stack-overflow on address 0x7ffe0a2d9c40 (pc 0x000000647dd2 bp 0x7ffe0a2dafe0 sp 0x7ffe0a2d9c40 T0)
    #0 0x647dd1 in php_pcre_exec /home/fuzzer/PHP/php-7.1.0/ext/pcre/pcrelib/pcre_exec.c:6359
    #1 0x75da33 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1234:11
    #2 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #3 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #4 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #5 0x765006 in zif_preg_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1593:18
    #6 0x16dbe1f in ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:675:2
    #7 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #8 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #9 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #10 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #11 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #12 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #13 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #14 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #15 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #16 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #17 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #18 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #19 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #20 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #21 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #22 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #23 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #24 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #25 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #26 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #27 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #28 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #29 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #30 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #31 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #32 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #33 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #34 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #35 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #36 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #37 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #38 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #39 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #40 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #41 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #42 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #43 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #44 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #45 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #46 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #47 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #48 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #49 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #50 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #51 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #52 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #53 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #54 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #55 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #56 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #57 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #58 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #59 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #60 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #61 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #62 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #63 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #64 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #65 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #66 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #67 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #68 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #69 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #70 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #71 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #72 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #73 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #74 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #75 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #76 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #77 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #78 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #79 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #80 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #81 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #82 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #83 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #84 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #85 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #86 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #87 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #88 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #89 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #90 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #91 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #92 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #93 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #94 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #95 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #96 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #97 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #98 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #99 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #100 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #101 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #102 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #103 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #104 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #105 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #106 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #107 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #108 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #109 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #110 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #111 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #112 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #113 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #114 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #115 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #116 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #117 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #118 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #119 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #120 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #121 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #122 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #123 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #124 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #125 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #126 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #127 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #128 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #129 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #130 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #131 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #132 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #133 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #134 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #135 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #136 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #137 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #138 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #139 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #140 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #141 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #142 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #143 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #144 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #145 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #146 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #147 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #148 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #149 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #150 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #151 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #152 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #153 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #154 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #155 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #156 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #157 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #158 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #159 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #160 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #161 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #162 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #163 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #164 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #165 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #166 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #167 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #168 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #169 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #170 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #171 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #172 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #173 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #174 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #175 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #176 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #177 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #178 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #179 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #180 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #181 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #182 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #183 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #184 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #185 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #186 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #187 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #188 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #189 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #190 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #191 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #192 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #193 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #194 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #195 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #196 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #197 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #198 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #199 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #200 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #201 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #202 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #203 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #204 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #205 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #206 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #207 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #208 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #209 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #210 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #211 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #212 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #213 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #214 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #215 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #216 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #217 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #218 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #219 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #220 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #221 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #222 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #223 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #224 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #225 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #226 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #227 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #228 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #229 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #230 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #231 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #232 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #233 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #234 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #235 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #236 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #237 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #238 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #239 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9
    #240 0x7607b0 in preg_do_repl_func /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1103:6
    #241 0x75eb35 in php_pcre_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1325:19
    #242 0x75cf75 in php_pcre_replace /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1136:11
    #243 0x76f27e in php_replace_in_subject /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1495:12
    #244 0x76e320 in preg_replace_impl /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1554:17
    #245 0x7661ed in zif_preg_replace_callback /home/fuzzer/PHP/php-7.1.0/ext/pcre/php_pcre.c:1628:18
    #246 0x16db726 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:628:2
    #247 0x157e1b3 in execute_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_vm_execute.h:432:7
    #248 0x13e8906 in zend_call_function /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:828:3
    #249 0x13e604a in _call_user_function_ex /home/fuzzer/PHP/php-7.1.0/Zend/zend_execute_API.c:672:9

SUMMARY: AddressSanitizer: stack-overflow /home/fuzzer/PHP/php-7.1.0/ext/pcre/pcrelib/pcre_exec.c:6359 in php_pcre_exec
==19382==ABORTING


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-12-12 16:10 UTC] requinix@php.net
-Status: Open +Status: Not a bug
 [2016-12-12 16:10 UTC] requinix@php.net
More infinite recursion: replace_variables -> preg_replace_callback -> $c -> replace_variables.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 12:01:31 2024 UTC