From: camka at email dot ee
Operating system: win 2000
PHP version: 5.1.6
PHP Bug Type: PCRE related
Bug description: php dies on preg_replace
Description:
------------
preg_replace kills php with certain arguments.
Tried with latest snapshot.
Tried playing with pcre.backtrack_limit, pcre.recursion_limit. No success.
cannot repeat on linux environment.
Reproduce code:
---------------
<?php
$query = "UPDATE cache SET data = 'a:3:{s:10:|path
index|;a:84:{s:11:|admin/block|;i:-1;s:16:|admin/block/list|;i:-2;s:21:|admin/block/configure|;i:-3;s:18:|admin/block/delete|;i:-4;s:15:|admin/block/add|;i:-5;s:13:|admin/comment|;i:-6;s:18:|admin/comment/edit|;i:-7;s:20:|admin/comment/delete|;i:-8;s:18:|admin/comment/list|;i:-9;s:23:|admin/comment/configure|;i:-10;s:22:|admin/comment/list/new|;i:-11;s:27:|admin/comment/list/approval|;i:-12;s:32:|admin/comment/configure/settings|;i:-13;s:30:|admin/comment/configure/matrix|;i:-14;s:34:|admin/comment/configure/thresholds|;i:-15;s:29:|admin/comment/configure/roles|;i:-16;s:29:|admin/comment/configure/votes|;i:-17;s:12:|comment/edit|;i:-18;s:7:|comment|;i:-19;s:13:|admin/filters|;i:-20;s:20:|admin/filters/delete|;i:-21;s:11:|filter/tips|;i:-22;s:10:|admin/help|;i:-23;s:16:|admin/help/block|;i:-24;s:18:|admin/help/comment|;i:-25;s:17:|admin/help/filter|;i:-26;s:15:|admin/help/help|;i:-27;s:15:|admin/help/node|;i:-28;s:15:|admin/help/page|;i:-29;s:16:|admin/help/story|;i:-30;s:17:!
|admin/help/system|;i:-31;s:19:|admin/help/taxonomy|;i:-32;s:15:|admin/help/user|;i:-33;s:19:|admin/help/watchdog|;i:-34;s:10:|admin/node|;i:-35;s:17:|admin/node/action|;i:-36;s:19:|admin/node/overview|;i:-37;s:20:|admin/node/configure|;i:-38;s:29:|admin/node/configure/settings|;i:-39;s:26:|admin/node/configure/types|;i:-40;s:4:|node|;i:-41;s:8:|node/add|;i:-42;s:13:|node/add/page|;i:-43;s:14:|node/add/story|;i:-44;s:12:|system/files|;i:-45;s:11:|system/test|;i:-46;s:5:|admin|;i:-47;s:12:|admin/themes|;i:-48;s:19:|admin/themes/select|;i:-49;s:21:|admin/themes/settings|;i:-50;s:28:|admin/themes/settings/global|;i:-51;s:32:|admin/themes/settings/bluemarine|;i:-52;s:14:|admin/settings|;i:-53;s:13:|admin/m'";
echo ($q = preg_replace("/([\"'])(?:\\\\.|\\1\\1|.)*\\1/sU", "{}",
$query));
?>
Expected result:
----------------
UPDATE cache SET data = {}
Actual result:
--------------
php.exe Application Error
The exception unknown software exception (0xc00000fd) occurred in the
application at location 0x101432f8 ...
--
Edit bug report at http://bugs.php.net/?id=39190&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=39190&r=trysnapshot44
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=39190&r=trysnapshot52
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=39190&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=39190&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=39190&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=39190&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=39190&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=39190&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=39190&r=support
Expected behavior: http://bugs.php.net/fix.php?id=39190&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=39190&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=39190&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=39190&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=39190&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=39190&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=39190&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=39190&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=39190&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=39190&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=39190&r=mysqlcfg
