Edit report at https://bugs.php.net/bug.php?id=60843&edit=1
ID: 60843 Updated by: paj...@php.net Reported by: ruben dot cheng at gmail dot com Summary: preg_split crash Status: Bogus Type: Bug Package: PCRE related Operating System: Windows 7x64 PHP Version: 5.3.6 and later Block user comment: N Private report: N New Comment: As I said earlier, ask the hoster to increase the stack of Apache. It can be done via the httpd config or EDITBIN (see MSDN). But there is nothing PHP can do, PHP itself has a large enough stack but it is limited by Apache's one. Previous Comments: ------------------------------------------------------------------------ [2012-01-23 05:20:00] ruben dot cheng at gmail dot com I have tested this under several environment and seems to be related to windows platform. Here a results: * Linux ubuntu LTS x86, PHP 5.3.2: OK * Linux opensuse 11.2 x64, PHP 5.3.3: OK * Linux unknown (provider-production), PHP 5.3.6: OK * Windows 7x64. Apache 2.2.21 x64 (ApacheLounge). PHP 5.3.6 x64 (anindya): Crash * Windows 7x64. Apache 2.2.21 x64 (ApacheLounge). PHP 5.3.9 x64 (anindya): Crash * Windows 7x64. Apache 2.2.21 x64 (anindya). PHP 5.3.6 x64 (anindya): Crash * Windows 7x64. Apache 2.2.21 x64 (anindya). PHP 5.3.9 x64 (anindya): Crash * Windows 7x64. Apache 2.2.21 x32 (ApacheLounge). PHP 5.3.9 x32 (PHP.net): Crash If I run the same script under cli on Windows instead from browser It doesn't crash. PHP is loaded as module (except provider server) Another think strange. The script doesn't crash on Windows if there few SQL sentences. It seems to be a preg_split pattern overflow. I tried each SQL of the $query variable from the start, and it crashes after appeding the 8th SQL sentence By the way, how can I increase the stack ? ------------------------------------------------------------------------ [2012-01-22 22:54:18] paj...@php.net Ask your host to increase the stack and to update as well. ------------------------------------------------------------------------ [2012-01-22 22:40:18] ruben dot cheng at gmail dot com Description: ------------ I was running a preg_split to split a string by ";" (taking care not to split enclosed ";" of SQL sentence) results a preg_split crash without notice and error. The test script is only 3 lines. I'm using PHP 5.3.6, cannot upgrade because the hosting is stuck at this version. Test script: --------------- <?php $query="BEGIN;INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa04r] ([data|b|date|bbcv100bsf-aa04r]). {909} \\\"Z03269\\\". {426} [is|photocred|121]\\',\\'23\\')','admin_modules_banknote_known_serie_prefix');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa04-k8] ([data|b|date|bbcv100bsf-aa04-k8]). {909} \\\"K81\\\". {426} [is|photocred|22]\\',\\'23\\')','admin_modules_banknote_known_serie_prefix');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv50bsf-aa03-h8] ([data|b|date|bbcv50bsf-aa03-h8]). {934} \\\"H00035502\\\" - \\\"H88998045\\\" {431} \\\"H00024933\\\" - \\\"H88998045\\\".\\',\\'6\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv50bsf-ab01-e8] ([data|b|date|bbcv50bsf-ab01-e8]). {909} \\\"E03\\\", \\\"E07\\\", \\\"E71\\\", \\\"E21\\\" {221} \\\"E63\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-ab01-c8] ([data|b|date|bbcv100bsf-ab01-c8]). {934} \\\"C00676969\\\" - \\\"C70385093\\\" {431} \\\"C00676969\\\" - \\\"C70399841\\\".\\',\\'6\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa03-d8] ([data|b|date|bbcv100bsf-aa03-d8]). {934} \\\"D03771810\\\" - \\\"D40549699\\\" {431} \\\"D03771810\\\" - \\\"D04574964\\\".\\',\\'6\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa03-c8] ([data|b|date|bbcv100bsf-aa03-c8]). {934} \\\"C72902534\\\" - \\\"C89173970\\\" {431} \\\"C72902534\\\" - \\\"C89255430\\\".\\',\\'6\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa04-l8] ([data|b|date|bbcv100bsf-aa04-l8]). {909} \\\"L23\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{805} [g|bbcv100bsf] {812} {813} [j|bbcv100bsf-aa03-e8], {814} \\\"[data|b|date|bbcv100bsf-aa03-e8]\\\", serie [j|bbcv100bsf-aa03-e8|E8] {221} {808} [g|bbcv100bsf-aa]. {815} #2 {817} [j|bbcv100bsf-aa03-e8,e2]. {356} [is|photocred|74] {358}\\',\\'20\\')','admin_modules_banknote_add');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa03-e8,e2]: {481} \\\"E56874656\\\" {943}. {356} [is|photocred|74]\\',\\'10\\')','admin_modules_banknote_known_piece_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{805} [g|bbcv50bsf] {812} {813} [j|bbcv50bsf-aa03-j8], {814} \\\"[data|b|date|bbcv50bsf-aa03-j8]\\\", serie [j|bbcv50bsf-aa03-j8|J8] {221} {808} [g|bbcv50bsf-aa]. {816} {817} [j|bbcv50bsf-aa03-j8,e]. {356} [is|photocred|121] {358}\\',\\'20\\')','admin_modules_banknote_add');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv50bsf-aa03-j8,e]: {481} \\\"J29933200\\\" {943}. {356} [is|photocred|121]\\',\\'10\\')','admin_modules_banknote_known_piece_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{805} [g|bbcv50bsf] {812} {813} [j|bbcv50bsf-aa01-b8], {814} \\\"[data|b|date|bbcv50bsf-aa01-b8]\\\", serie [j|bbcv50bsf-aa01-b8|B8] {221} {808} [g|bbcv50bsf-aa]. {815} #4 {817} [j|bbcv50bsf-aa01-b8,e4]. {356} [is|photocred|121] {358}\\',\\'20\\')','admin_modules_banknote_add');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{805} [g|bbcv2bsf] {812} {813} [j|bbcv2bsf-aa01-b8], {814} \\\"[data|b|date|bbcv2bsf-aa01-b8]\\\", serie [j|bbcv2bsf-aa01-b8|B8] {221} {808} [g|bbcv2bsf-aa]. {816} {817} [j|bbcv2bsf-aa01-b8,e]. {356} [is|photocred|74] {358}\\',\\'20\\')','admin_modules_banknote_add');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv500bs-ea04r] ([data|b|date|bbcv500bs-ea04r]). {934} \\\"A00000389A\\\" - \\\"A01200000A\\\" {431} \\\"A00000001A\\\" - \\\"A01200000A\\\".\\',\\'8\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv2bsf-aa01-c8] ([data|b|date|bbcv2bsf-aa01-c8]). {909} \\\"C78\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv2bsf-aa02-f8] ([data|b|date|bbcv2bsf-aa02-f8]). {909} \\\"F49\\\" {221} \\\"F67\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv2bsf-ab01-e8] ([data|b|date|bbcv2bsf-ab01-e8]). {909} \\\"E39\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv10bsf-aa03-p8] ([data|b|date|bbcv10bsf-aa03-p8]). {909} \\\"P00\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv20bsf-aa03r] ([data|b|date|bbcv20bsf-aa03r]). {909} \\\"Z0398\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv100bsf-aa03r] ([data|b|date|bbcv100bsf-aa03r]). {909} \\\"Z01037\\\" {221} \\\"Z01075\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv50bsf-aa04-n8] ([data|b|date|bbcv50bsf-aa04-n8]). {934} \\\"N21287822\\\" - \\\"N67408190\\\" {431} \\\"N00038692\\\" - \\\"N67408190\\\".\\',\\'6\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv50bsf-aa04-n8] ([data|b|date|bbcv50bsf-aa04-n8]). {934} \\\"N21000001\\\" - \\\"N68000000\\\" {431} \\\"N00000001\\\" - \\\"N68000000\\\".\\',\\'8\\')','admin_modules_banknote_edit');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv50bsf-aa04-n8] ([data|b|date|bbcv50bsf-aa04-n8]). {909} \\\"N00\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv5bsf-aa01-d8] ([data|b|date|bbcv5bsf-aa01-d8]). {909} \\\"D02\\\".\\',\\'23\\')','admin_modules_banknote_known_serie_prefix_batch');INSERT INTO pending (commands,comments) VALUES ('INSERT INTO updates (lang_id,date,description,update_type) VALUES (\\'3\\',now(),\\'{929} [j|bbcv5bsf-aa01-d8] ([data|b|date|bbcv5bsf-aa01-d8]). {934} \\\"D04016426\\\" - \\\"D86060540\\\" {431} \\\"D02454532\\\" - \\\"D86060540\\\".\\',\\'6\\')','admin_modules_banknote_edit');DELETE FROM updates_pending;INSERT INTO changelog (date,module,changes) VALUES (now(), 'admin_modules_deferred_generate','No Data');"; $sql=preg_split("/;+(?=([^'|^\\\']*['|\\\'][^'|^\\\']*['|\\\'])*[^'|^\\\']*[^'|^\\\']$)/", $query); echo "HERE"; ?> Expected result: ---------------- The script runs the preg_split line and crash, it didn't even reach the echo line ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=60843&edit=1