ID: 41896 Updated by: [EMAIL PROTECTED] Reported By: giacomoread at hotmail dot com -Status: Open +Status: Bogus -Bug Type: Scripting Engine problem +Bug Type: PCRE related Operating System: All PHP Version: 5.2.3 New Comment:
>I found a similar bug which was closed with status bogus. Surely it's bogus, since it's not PHP issue. >There is nothing in the documentation which states limits to the >input of preg_replace or any portable work arounds documented. Right, we can't and we won't document any bugs in third-party libs. >Stating that 'it is just a stack overflow' just to keep the bug >count down is more than a little unprofessional. "It's just a stack overflow" that happens outside of PHP and we cannot control it. I guess you failed to read the second part of the sentence. >A scripting language should either make the workaround internal >or document input limits NOT cause seg faults. We do accept patches both to the source code and to the documentation. >This is a bug whether the php community is willing to accept it or not. Yes, it's known bug in PCRE. Please report it to PCRE developers. Previous Comments: ------------------------------------------------------------------------ [2007-07-04 19:03:15] giacomoread at hotmail dot com Description: ------------ I found a similar bug which was closed with status bogus. Unacceptable! There is nothing in the documentation which states limits to the input of preg_replace or any portable work arounds documented. Stating that 'it is just a stack overflow' just to keep the bug count down is more than a little unprofessional. A scripting language should either make the workaround internal or document input limits NOT cause seg faults. This is a bug whether the php community is willing to accept it or not. Reproduce code: --------------- function parse($html, &$title, &$text, &$anchors) { $pstring1 = "'[^']*'"; $pstring2 = '"[^"]*"'; $pnstring = "[^'\">]"; $pintag = "(?:$pstring1|$pstring2|$pnstring)*"; $pattrs = "(?:\\s$pintag){0,1}"; $pcomment = enclose("<!--", "-", "->"); $pscript = enclose("<script$pattrs>", "<", "\\/script>"); $pstyle = enclose("<style$pattrs>", "<", "\\/style>"); $pexclude = "(?:$pcomment|$pscript|$pstyle)"; $ptitle = enclose("<title$pattrs>", "<", "\\/title>"); $panchor = "<a(?:\\s$pintag){0,1}>"; $phref = "href\\s*=[\\s'\"]*([^\\s'\">]*)"; $html = preg_replace("/$pexclude/iX", " ", $html); if ($title !== false) $title = preg_match("/$ptitle/iX", $html, $title) ? $title[1] : ''; if ($text !== false) { $text = preg_replace("/<$pintag>/iX", " ", $html); $text = preg_replace("/\\s+| /iX", " ", $text); } if ($anchors !== false) { preg_match_all("/$panchor/iX", $html, $anchors); $anchors = $anchors[0]; reset($anchors); while (list($i, $x) = each($anchors)) $anchors[$i] = preg_match("/$phref/iX", $x, $x) ? $x[1] : ''; $anchors = array_unique($anchors); } } function enclose($start, $end1, $end2) { return "$start((?:[^$end1]|$end1(?!$end2))*)$end1$end2"; } Expected result: ---------------- The code should clean the html pages into title, text and links. It works fine until large pages are downloaded. Then it seg faults with gdb showing the blame lying on preg_replace. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=41896&edit=1