php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76276 PCRE Segmentation fault before PHP7
Submitted: 2018-04-27 14:36 UTC Modified: 2018-04-27 14:47 UTC
From: drealecs at gmail dot com Assigned:
Status: Wont fix Package: PCRE related
PHP Version: 5.6.36 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: drealecs at gmail dot com
New email:
PHP Version: OS:

 

 [2018-04-27 14:36 UTC] drealecs at gmail dot com
Description:
------------
There seems to be a buffer overflow in all PHP version 4.* and 5.*
but not on PHP 7.*

Test script:
---------------
$string = '';
for ($i = 0; $i < 10000; $i++) {
    $string .= chr(rand(65, 122));
}
echo "Calling preg_match_all()\n";
preg_match_all('/(\D|3)*/', $string, $matches);

echo "It didn't broke php\n";


Expected result:
----------------
Calling preg_match_all()
It didn't broke php

Actual result:
--------------
Calling preg_match_all()

Segmentation fault

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-04-27 14:37 UTC] drealecs at gmail dot com
https://3v4l.org/RJt1X
 [2018-04-27 14:41 UTC] spam2 at rhsoft dot net
> There seems to be a buffer overflow in all 
> PHP version 4.* and 5.* but not on PHP 7.*

so why do you bother to write a new bugreport at 2018-04-27 given that the only 2 supported versions are 7.1 and 7.2?
 [2018-04-27 14:47 UTC] nikic@php.net
-Status: Open +Status: Wont fix
 [2018-04-27 14:47 UTC] nikic@php.net
This is a classical PCRE stack overflow. PHP 7 is not affected because it uses PCRE JIT by default. The crash can still be reproduced under pcre.jit=0. On PHP 7.3 the issue has been resolved entirely as part of the upgrade to PCRE2, which moved to a non-recursive implementation of the non-JIT matcher in version 10.30.

In any case, PHP 5 is no longer supported for non-security issues and this is not a security issue.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 11:01:27 2024 UTC