From: martin dot kevin at gmail dot com Operating system: Debian PHP version: 5.2CVS-2008-02-23 (snap) PHP Bug Type: PCRE related Bug description: Too many subpattern matches cause segfault
Description: ------------ Matching a string against a pattern that will have many subpattern matches causes a segmentation fault. Reproduce code: --------------- #!/usr/bin/env php <?php $testPattern = <<< EOS /([^"])+/ EOS; $testString = '"'; for ( $count = 0; $count < 1030; $count++ ) $testString .= '\x90'; for ( $count = 1030; $count < 4000; $count++ ) { $testString .= '\x90'; echo "$count\n"; preg_match ( $testPattern, $testString . '"', $matches ); } exit ( 0 ); ?> Expected result: ---------------- Over 1000 matches: [...] 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 Actual result: -------------- Segmentation fault at either 1037 or 1038: 1030 1031 1032 1033 1034 1035 1036 1037 1038 Segmentation fault Note that this seems to vary where it fails; either after 1037 matches or 1038 matches. -- Edit bug report at http://bugs.php.net/?id=44229&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=44229&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=44229&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=44229&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=44229&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=44229&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=44229&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=44229&r=needscript Try newer version: http://bugs.php.net/fix.php?id=44229&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=44229&r=support Expected behavior: http://bugs.php.net/fix.php?id=44229&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=44229&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=44229&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=44229&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=44229&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=44229&r=dst IIS Stability: http://bugs.php.net/fix.php?id=44229&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=44229&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=44229&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=44229&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=44229&r=mysqlcfg