#44229 [NEW]: Too many subpattern matches cause segfault

Sat, 23 Feb 2008 14:52:50 -0800 

From:             martin dot kevin at gmail dot com
Operating system: Debian
PHP version:      5.2CVS-2008-02-23 (snap)
PHP Bug Type:     PCRE related
Bug description:  Too many subpattern matches cause segfault

Description:
------------
Matching a string against a pattern that will have many subpattern matches
causes a segmentation fault.

Reproduce code:
---------------
#!/usr/bin/env php
<?php
$testPattern = <<< EOS
/([^"])+/
EOS;

$testString = '"';

for ( $count = 0; $count < 1030; $count++ )
   $testString .= '\x90';

for ( $count = 1030; $count < 4000; $count++ )
{
   $testString .= '\x90';

   echo "$count\n";

   preg_match ( $testPattern, $testString . '"', $matches );
}

exit ( 0 );
?>


Expected result:
----------------
Over 1000 matches:

[...]
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045

Actual result:
--------------
Segmentation fault at either 1037 or 1038:

1030
1031
1032
1033
1034
1035
1036
1037
1038
Segmentation fault

Note that this seems to vary where it fails; either after 1037 matches or
1038 matches.

-- 
Edit bug report at http://bugs.php.net/?id=44229&edit=1
-- 
Try a CVS snapshot (PHP 5.2): 
http://bugs.php.net/fix.php?id=44229&r=trysnapshot52
Try a CVS snapshot (PHP 5.3): 
http://bugs.php.net/fix.php?id=44229&r=trysnapshot53
Try a CVS snapshot (PHP 6.0): 
http://bugs.php.net/fix.php?id=44229&r=trysnapshot60
Fixed in CVS:                 http://bugs.php.net/fix.php?id=44229&r=fixedcvs
Fixed in release:             
http://bugs.php.net/fix.php?id=44229&r=alreadyfixed
Need backtrace:               http://bugs.php.net/fix.php?id=44229&r=needtrace
Need Reproduce Script:        http://bugs.php.net/fix.php?id=44229&r=needscript
Try newer version:            http://bugs.php.net/fix.php?id=44229&r=oldversion
Not developer issue:          http://bugs.php.net/fix.php?id=44229&r=support
Expected behavior:            http://bugs.php.net/fix.php?id=44229&r=notwrong
Not enough info:              
http://bugs.php.net/fix.php?id=44229&r=notenoughinfo
Submitted twice:              
http://bugs.php.net/fix.php?id=44229&r=submittedtwice
register_globals:             http://bugs.php.net/fix.php?id=44229&r=globals
PHP 4 support discontinued:   http://bugs.php.net/fix.php?id=44229&r=php4
Daylight Savings:             http://bugs.php.net/fix.php?id=44229&r=dst
IIS Stability:                http://bugs.php.net/fix.php?id=44229&r=isapi
Install GNU Sed:              http://bugs.php.net/fix.php?id=44229&r=gnused
Floating point limitations:   http://bugs.php.net/fix.php?id=44229&r=float
No Zend Extensions:           http://bugs.php.net/fix.php?id=44229&r=nozend
MySQL Configuration Error:    http://bugs.php.net/fix.php?id=44229&r=mysqlcfg

Reply via email to