|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2018-07-18 18:28 UTC] requinix@php.net
-Status: Open
+Status: Not a bug
[2018-07-18 18:28 UTC] requinix@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Tue Apr 16 23:01:30 2024 UTC |
Description: ------------ ./php-727 -r '$foo = "1HnyFwSJDjWFexD7oRr4HGTFwD8N6NsrfX"; $pattern = "[((?:(?(?<!):a?)+a?)+|\1)\8\C]u"; preg_match($pattern, $foo, $matches, PREG_OFFSET_CAPTURE, 3); print_r($matches);' Increasing ulimit -s from the default of 8192 to 156275 seems to make this go away on a consistent basis. Expected result: ---------------- No crash. Actual result: -------------- ==28465==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc87ca4ff8 (pc 0x0000006032f1 bp 0x7ffc87ca53c0 sp 0x7ffc87ca4fe0 T0) #0 0x6032f0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:516 #1 0x60630b in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:1612:7 #2 0x60a657 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:1388:7 #3 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 #4 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 **SNIP** #244 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 #245 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 #246 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 #247 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 #248 0x62c3d0 in match /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:2061:7 SUMMARY: AddressSanitizer: stack-overflow /root/php-7.2.7/ext/pcre/pcrelib/pcre_exec.c:516 in match ==28465==ABORTING