ID: 49091 Updated by: ras...@php.net Reported By: nomail at example dot com Status: Analyzed Bug Type: *Regular Expressions Operating System: Debian Linux 5.0 Lenny PHP Version: 5.2.10 New Comment:
Note also that if you crank up the backtrack limit in pcre, your second example works: pcre.backtrack_limit=1000000 Previous Comments: ------------------------------------------------------------------------ [2009-07-28 23:15:32] ras...@php.net PREG_SET_ORDER is not an error constant. The actual error is PREG_BACKTRACK_LIMIT_ERROR which is set when the pcre library returns a PCRE_ERROR_MATCHLIMIT Run the command-line pcre test tool and file a bug with pcre if you think this is a bug. ------------------------------------------------------------------------ [2009-07-28 22:36:02] nomail at example dot com Description: ------------ Using the latest stable Debian's PHP 5.2.6-1+lenny3. Can't use anything newer on this production server, sorry. Note that this malfunction in regular expressions might create exploitable application vulnerabilities (for example, a forum routine to sanitize posts). So this should be treated as a security fix. // This code works as expected and outputs: ttt www.exa.com/ZZZ ttt echo preg_replace( '#([a-z\.]+)+ZZZ#', 'i', 'ttt www.exa.com/ZZZ ttt'); // The following code is the same but it will not work, even though it // should. It will produce just an empty string. The only difference // between this call and the previous call is that the text contains // a LONGER domain name (instead of "exa", it contains the word // "example"). echo preg_replace( '#([a-z\.]+)+ZZZ#', 'i', 'ttt www.example.com/ZZZ ttt'); Note: preg_last_error() returns the bogus PREG_SET_ORDER, which should apply only to preg_match_all() and not to preg_replace(). Reproduce code: --------------- echo preg_replace( '#([a-z\.]+)+ZZZ#', 'i', 'ttt www.example.com/ZZZ ttt'); Expected result: ---------------- ttt www.example.com/ZZZ ttt Actual result: -------------- Empty string ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=49091&edit=1