ID: 34695 User updated by: php at koterov dot ru Reported By: php at koterov dot ru -Status: Bogus +Status: Open Bug Type: Reproducible crash Operating System: Windows XP PHP Version: 4.4.0 New Comment:
First. Quoting this article: <<< There are some size limitations in PCRE but it is hoped that they will never in practice be relevant. The maximum length of a compiled pattern is 65539 (sic) bytes if PCRE is compiled with the default internal linkage size of 2. If you want to process regular expressions that are truly enormous, you can compile PCRE with an internal linkage size of 3 or 4 (see the README file in the source distribution and the pcrebuild documentation for details). In these cases the limit is substantially larger. However, the speed of execution will be slower. All values in repeating quantifiers must be less than 65536. The maxi- mum number of capturing subpatterns is 65535. There is no limit to the number of non-capturing subpatterns, but the maximum depth of nesting of all kinds of parenthesized subpattern, including capturing subpatterns, assertions, and other types of subpat- tern, is 200. The maximum length of a subject string is the largest positive number that an integer variable can hold. However, when using the traditional matching function, PCRE uses recursion to handle subpatterns and indef- inite repetition. This means that the available stack space may limit the size of a subject string that can be processed by certain patterns. >>> Which limitation did you mean? As you can see, expression /((?:[^<]|<[^>]*>){1,1000}).*/xs does not break any limitation bounds quoted above. Second. The same RE works in Perl 5.6 and 5.8 even with {1,10000} repeating quantifiers. But Perl 5.6 uses wittingly older version of libpcre than PHP 4.4.0. So, possibly source of bug is not in PCRE, but in PHP?.. Third. It is NOT a backtracking overflow, because for string with 1001 "a"'s this expression does not work too. Previous Comments: ------------------------------------------------------------------------ [2005-10-02 13:00:58] [EMAIL PROTECTED] RTFM: "You should be aware of some limitations of PCRE. Read http://www.pcre.org/pcre.txt for more info." ------------------------------------------------------------------------ [2005-10-02 08:46:36] php at koterov dot ru Snapshot does not work too. ------------------------------------------------------------------------ [2005-10-01 10:10:46] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip ------------------------------------------------------------------------ [2005-09-30 23:47:44] php at koterov dot ru Description: ------------ PCRE /X{1,Y}/ for large Y (near 1000) does not work for some X on Windows (apache 1.3+mod_php 4.4.0 or 4.3.10). In Unix (Linux) - everything is fine. Maybe stack overflow? Reproduce code: --------------- <? define('MAXLEN', 1000); $text = str_repeat('a', 10000); $text = preg_replace('/ ( (?: [^<] | < [^>]* >){1,'.MAXLEN.'}) .* /xs', '$1', $text); die('ok'); ?> Expected result: ---------------- ok Actual result: -------------- nothing (php exits, but no windows GPF) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=34695&edit=1