#44461 [Ver]: parse_ini_file crashes

Thu, 20 Mar 2008 17:33:27 -0700 

 ID:               44461
 Updated by:       [EMAIL PROTECTED]
 Reported By:      crrodriguez at suse dot de
 Status:           Verified
 Bug Type:         Reproducible crash
 Operating System: Linux 64bit
 PHP Version:      5.3CVS-2008-03-17 (CVS)
 New Comment:

ok, I misread the action for '\r'.
there's this code as well:
yy286:
        yych = *++YYCURSOR;
        switch (yych) {
        case '\n':      goto yy284;
        default:        goto yy285;
        }

so it's yyfill(2) because of \r\n. Dunno where to patch this.. we can
either change the regex and check for the newline manually (which is
sort of a hack), enable yyfill for lens > 1 (what's the "safe"
threshold?), or change the yyfill macro to something smarter..


Previous Comments:
------------------------------------------------------------------------

[2008-03-21 00:25:19] [EMAIL PROTECTED]

damn, oh I hate YYFILL.. the problem is this piece of code generated by
re2c:

yy282:
        ++YYCURSOR;
        if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
        yych = *YYCURSOR;
yy283:
        switch (yych) {
        case '\n':      goto yy284;
        case '\r':      goto yy286;
        default:        goto yy282;
        }
yy284:
        ++YYCURSOR;
yy285:
        yyleng = YYCURSOR - SCNG(yy_text);
#line 476 "zend_ini_scanner.l"
        { /* Comment */
        BEGIN(INITIAL);
        SCNG(lineno)++;
        return END_OF_LINE;
}

the problem is that YYFILL(2) is ignored (because it's > 1). I dunno
why re2c doesn't generate a YYFILL(1) there instead..

------------------------------------------------------------------------

[2008-03-19 21:34:51] [EMAIL PROTECTED]

I can confirm this, its over-reading by a character if there is no
newline at the end of the file.

------------------------------------------------------------------------

[2008-03-19 21:12:37] crrodriguez at suse dot de

I have:

re2c -v
re2c 0.13.3


I have checked a fresh-, clean CVS copy just now and i can still
reproduce the problem.

Here I have the exact ini file that makes php crash

http://stuff.cristianrodriguez.net/phpbugs/bug44461.tar.bz2

# cd bug44461
# ./sapi/cli/php bug44461.php

------------------------------------------------------------------------

[2008-03-18 21:50:57] [EMAIL PROTECTED]

Did you do './cvsclean && ./buildconf' ? And what re2c version do you
have installed?

------------------------------------------------------------------------

[2008-03-17 23:35:39] [EMAIL PROTECTED]

Works fine to me.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/44461

-- 
Edit this bug report at http://bugs.php.net/?id=44461&edit=1

Reply via email to