|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2017-03-07 21:56 UTC] fernando at null-life dot com
Description:
------------
Test script causes an error when running on Windows
Test script:
---------------
<?php
$v0=str_repeat(".", 0xffffff/5);
$newIntlRuleBasedBreakIterator = new IntlRuleBasedBreakIterator($v0);
$newIntlRuleBasedBreakIterator->getBinaryRules();
Actual result:
--------------
Basic Block:
1450d7dc cmp dword ptr [eax+4],edi
Tainted Input operands: 'eax','edi'
1450d7df jle icuuc57!icu_57::rbbitablebuilder::~rbbitablebuilder+0x8d (1450d83d)
Tainted Input operands: 'SignFlag','ZeroFlag','OverflowFlag'
Exception Hash (Major/Minor): 0x271f1996.0xe72b7f5a
Hash Usage : Stack Trace:
Major+Minor : icuuc57!icu_57::RBBITableBuilder::~RBBITableBuilder+0x2c
Major+Minor : icuuc57!icu_57::RBBIRuleBuilder::~RBBIRuleBuilder+0x90
Major+Minor : icuuc57!icu_57::RBBIRuleBuilder::createRuleBasedBreakIterator+0x255
Major+Minor : icuuc57!icu_57::RuleBasedBreakIterator::RuleBasedBreakIterator+0x58
Major+Minor : php_intl!get_module+0x3507b
Minor : php_intl!get_module+0x35282
Minor : php7ts!ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER+0xaf
Minor : php7ts!execute_ex+0x48
Minor : php7ts!zend_execute+0x169
Minor : php7ts!zend_execute_scripts+0x106
Minor : php7ts!php_execute_script+0x3df
Minor : php!do_cli+0x452
Minor : php!main+0x3ac
Minor : php!__scrt_common_main_seh+0xf9
Minor : KERNEL32!BaseThreadInitThunk+0x24
Minor : ntdll_76ee0000!RtlSubscribeWnfStateChangeNotification+0x439
Minor : ntdll_76ee0000!RtlSubscribeWnfStateChangeNotification+0x404
Instruction Address: 0x000000001450d7dc
Source File: e:\repo\icu4c-57_1-src\source\common\rbbitblb.cpp
Source Line: 49
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sat Dec 21 13:01:31 2024 UTC |
Setting a breakpoint on there, turns out the call is coming from the constructor before we ever get to getBinaryRules() #0 0x00007ffff5abaa20 in icu_55::RBBINode::~RBBINode() () from /usr/lib/x86_64-linux-gnu/libicuuc.so.55 #1 0x00007ffff5abac0b in icu_55::RBBIRuleBuilder::~RBBIRuleBuilder() () from /usr/lib/x86_64-linux-gnu/libicuuc.so.55 #2 0x00007ffff5abb433 in icu_55::RBBIRuleBuilder::createRuleBasedBreakIterator(icu_55::UnicodeString const&, UParseError*, UErrorCode&) () from /usr/lib/x86_64-linux-gnu/libicuuc.so.55 #3 0x00007ffff5ab79e6 in icu_55::RuleBasedBreakIterator::RuleBasedBreakIterator(icu_55::UnicodeString const&, UParseError&, UErrorCode&) () from /usr/lib/x86_64-linux-gnu/libicuuc.so.55 #4 0x0000000000717cc1 in _php_intlrbbi_constructor_body (execute_data=0x7fffef015100, return_value=0x7fffef015120) at /home/sgolemon/dev/php/php-src/ext/intl/breakiterator/rulebasedbreakiterator_methods.cpp:62 #5 0x0000000000717f6b in zim_IntlRuleBasedBreakIterator___construct (execute_data=0x7fffef015100, return_value=0x7fffef015120)