subject:"Bug #15829 Updated\: using nonexistingn back reference in regex crashes PHP"

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-04-12 Thread cynic


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

I'm afraid this will get through terribly mangled...

roman@roman ~/install/php4-latest > cat ~/tmp/ereg.test
 141:1

roman@roman ~/install/php4-latest > ./php -c /dev/null -qC
~/tmp/ereg.test   142:0
zsh: 84733 segmentation fault (core dumped)  ./php -c /dev/null -qC
~/tmp/ereg.test
roman@roman ~/install/php4-latest > gdb ./php ./php.core   
 144:0
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and
you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details.
This GDB was configured as "i386-unknown-freebsd"...
Core was generated by `php'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libhistory.so.4...done.
Reading symbols from /usr/lib/libreadline.so.4...done.
Reading symbols from /usr/lib/libncurses.so.5...done.
Reading symbols from /usr/local/lib/libgiconv.so.2...done.
Reading symbols from /usr/local/lib/libintl.so.1...done.
Reading symbols from /usr/lib/libssl.so.2...done.
Reading symbols from /usr/lib/libcrypto.so.2...done.
Reading symbols from /usr/local/lib/libcurl.so.2...done.
Reading symbols from /usr/lib/libbz2.so.1...done.
Reading symbols from /usr/lib/libz.so.2...done.
Reading symbols from /usr/lib/libcrypt.so.2...done.
Reading symbols from /usr/lib/libm.so.2...done.
Reading symbols from /usr/lib/libc.so.4...done.
Reading symbols from /usr/libexec/ld-elf.so.1...done.
#0  0x284c7c82 in memcpy () from /usr/lib/libc.so.4
(gdb) bt
#0  0x284c7c82 in memcpy () from /usr/lib/libc.so.4
#1  0xd570337c in ?? ()
#2  0x80cd88a in php_ereg_replace (ht=3, return_value=0x820b864,
this_ptr=0x0, return_value_used=1, icase=0)
at /home/roman/install/php4-latest/ext/standard/reg.c:476
#3  0x80cd9d8 in zif_ereg_replace (ht=3, return_value=0x820b864,
this_ptr=0x0, return_value_used=1)
at /home/roman/install/php4-latest/ext/standard/reg.c:494
#4  0x815633a in execute (op_array=0x820c724) at
/home/roman/install/php4-latest/Zend/zend_execute.c:1598
#5  0x8145f6d in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/roman/install/php4-latest/Zend/zend.c:810
#6  0x8118b69 in php_execute_script (primary_file=0xbfbffa78)
at /home/roman/install/php4-latest/main/main.c:1405
#7  0x815baf4 in main (argc=5, argv=0xbfbffaf4) at
/home/roman/install/php4-latest/sapi/cgi/cgi_main.c:1020
#8  0x8064819 in _start ()
(gdb) 



Previous Comments:


[2002-04-12 15:22:41] [EMAIL PROTECTED]

I reported this BEFORE 4.2.0 was branched. 
I can't reproduce it anymore with todya's HEAD.



[2002-04-12 15:09:12] [EMAIL PROTECTED]

which branch? I'm seeing this on HEAD.
I've just started a new build, will post backtrace within 20 minutes.





[2002-04-12 14:57:17] [EMAIL PROTECTED]

Doesn't crash here either..




[2002-04-12 12:38:02] [EMAIL PROTECTED]

I have it segfaulting there as well.

FreeBSD roman.mobil.cz 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Dec 26
12:45:18 CET 2001
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/CRUDPUPPY_3  i386

'./configure' \
'--disable-shared' \
'--disable-session' \
'--enable-debug' \
'--enable-inline-optimization' \
'--enable-dio' \
'--enable-ftp' \
'--enable-pcntl' \
'--enable-shmop' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-sockets' \
'--enable-tokenizer' \
'--without-mysql' \
'--with-openssl' \
'--with-zlib' \
'--with-bz2' \
'--with-curl' \
'--with-gettext' \
'--with-iconv' \
'--with-ncurses' \
'--with-readline' \
"$@"

I don't have a backtrace yet.



[2002-03-02 07:42:55] [EMAIL PROTECTED]

It crashes with a plain ./configure too btw...



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/15829

-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-04-12 Thread sander


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

I reported this BEFORE 4.2.0 was branched. 
I can't reproduce it anymore with todya's HEAD.


Previous Comments:


[2002-04-12 15:09:12] [EMAIL PROTECTED]

which branch? I'm seeing this on HEAD.
I've just started a new build, will post backtrace within 20 minutes.





[2002-04-12 14:57:17] [EMAIL PROTECTED]

Doesn't crash here either..




[2002-04-12 12:38:02] [EMAIL PROTECTED]

I have it segfaulting there as well.

FreeBSD roman.mobil.cz 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Dec 26
12:45:18 CET 2001
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/CRUDPUPPY_3  i386

'./configure' \
'--disable-shared' \
'--disable-session' \
'--enable-debug' \
'--enable-inline-optimization' \
'--enable-dio' \
'--enable-ftp' \
'--enable-pcntl' \
'--enable-shmop' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-sockets' \
'--enable-tokenizer' \
'--without-mysql' \
'--with-openssl' \
'--with-zlib' \
'--with-bz2' \
'--with-curl' \
'--with-gettext' \
'--with-iconv' \
'--with-ncurses' \
'--with-readline' \
"$@"

I don't have a backtrace yet.



[2002-03-02 07:42:55] [EMAIL PROTECTED]

It crashes with a plain ./configure too btw...



[2002-03-02 07:25:30] [EMAIL PROTECTED]

Doesn't crash for me:

php -q



abcdef\1ghi


Derick



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/15829

-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-04-12 Thread cynic


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

which branch? I'm seeing this on HEAD.
I've just started a new build, will post backtrace within 20 minutes.




Previous Comments:


[2002-04-12 14:57:17] [EMAIL PROTECTED]

Doesn't crash here either..




[2002-04-12 12:38:02] [EMAIL PROTECTED]

I have it segfaulting there as well.

FreeBSD roman.mobil.cz 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Dec 26
12:45:18 CET 2001
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/CRUDPUPPY_3  i386

'./configure' \
'--disable-shared' \
'--disable-session' \
'--enable-debug' \
'--enable-inline-optimization' \
'--enable-dio' \
'--enable-ftp' \
'--enable-pcntl' \
'--enable-shmop' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-sockets' \
'--enable-tokenizer' \
'--without-mysql' \
'--with-openssl' \
'--with-zlib' \
'--with-bz2' \
'--with-curl' \
'--with-gettext' \
'--with-iconv' \
'--with-ncurses' \
'--with-readline' \
"$@"

I don't have a backtrace yet.



[2002-03-02 07:42:55] [EMAIL PROTECTED]

It crashes with a plain ./configure too btw...



[2002-03-02 07:25:30] [EMAIL PROTECTED]

Doesn't crash for me:

php -q



abcdef\1ghi


Derick



[2002-03-02 07:24:07] [EMAIL PROTECTED]

Errm...
That test passes here too:
\0 back reference   
... passed

But this one doesn't:
nonexisting back reference (012.phpt)   
... failed
(it crashes)




The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/15829

-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-04-12 Thread sniper


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

Doesn't crash here either..



Previous Comments:


[2002-04-12 12:38:02] [EMAIL PROTECTED]

I have it segfaulting there as well.

FreeBSD roman.mobil.cz 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Dec 26
12:45:18 CET 2001
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/CRUDPUPPY_3  i386

'./configure' \
'--disable-shared' \
'--disable-session' \
'--enable-debug' \
'--enable-inline-optimization' \
'--enable-dio' \
'--enable-ftp' \
'--enable-pcntl' \
'--enable-shmop' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-sockets' \
'--enable-tokenizer' \
'--without-mysql' \
'--with-openssl' \
'--with-zlib' \
'--with-bz2' \
'--with-curl' \
'--with-gettext' \
'--with-iconv' \
'--with-ncurses' \
'--with-readline' \
"$@"

I don't have a backtrace yet.



[2002-03-02 07:42:55] [EMAIL PROTECTED]

It crashes with a plain ./configure too btw...



[2002-03-02 07:25:30] [EMAIL PROTECTED]

Doesn't crash for me:

php -q



abcdef\1ghi


Derick



[2002-03-02 07:24:07] [EMAIL PROTECTED]

Errm...
That test passes here too:
\0 back reference   
... passed

But this one doesn't:
nonexisting back reference (012.phpt)   
... failed
(it crashes)




[2002-03-02 07:15:12] [EMAIL PROTECTED]

With my configuration it passes. 

Running tests in /home/yohgaki/cvs/php/DEV/ext/standard/tests/reg
=
\0 back reference   
... passed

However, there is something wrong in current PHP. I got exit status 255
when run-tests.php finished. (It doesn't now)

The real problem may be in broken heap memory area by some other
place.





The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/15829

-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-04-12 Thread cynic


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

I have it segfaulting there as well.

FreeBSD roman.mobil.cz 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Dec 26
12:45:18 CET 2001
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/CRUDPUPPY_3  i386

'./configure' \
'--disable-shared' \
'--disable-session' \
'--enable-debug' \
'--enable-inline-optimization' \
'--enable-dio' \
'--enable-ftp' \
'--enable-pcntl' \
'--enable-shmop' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-sockets' \
'--enable-tokenizer' \
'--without-mysql' \
'--with-openssl' \
'--with-zlib' \
'--with-bz2' \
'--with-curl' \
'--with-gettext' \
'--with-iconv' \
'--with-ncurses' \
'--with-readline' \
"$@"

I don't have a backtrace yet.


Previous Comments:


[2002-03-02 07:42:55] [EMAIL PROTECTED]

It crashes with a plain ./configure too btw...



[2002-03-02 07:25:30] [EMAIL PROTECTED]

Doesn't crash for me:

php -q



abcdef\1ghi


Derick



[2002-03-02 07:24:07] [EMAIL PROTECTED]

Errm...
That test passes here too:
\0 back reference   
... passed

But this one doesn't:
nonexisting back reference (012.phpt)   
... failed
(it crashes)




[2002-03-02 07:15:12] [EMAIL PROTECTED]

With my configuration it passes. 

Running tests in /home/yohgaki/cvs/php/DEV/ext/standard/tests/reg
=
\0 back reference   
... passed

However, there is something wrong in current PHP. I got exit status 255
when run-tests.php finished. (It doesn't now)

The real problem may be in broken heap memory area by some other
place.





[2002-03-02 06:47:48] [EMAIL PROTECTED]

The testscript ext/standard/tests/reg/012.phpt (" nonexisting back
reference") causes PHP to segfault:



#0  0x4017e197 in memcpy () from /lib/libc.so.6
#1  0x08133fd5 in php_reg_replace (pattern=0x82daf4c "123", 
replace=0x82daf64 "def\\1ghi", string=0x82daf84 "abc123", icase=0,

extended=1) at reg.c:377
#2  0x081343ca in php_ereg_replace (ht=3, return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1, icase=0) at reg.c:475
#3  0x081344b5 in zif_ereg_replace (ht=3,nonexisting back reference
 return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1) at reg.c:493
#4  0x08175b9e in execute (op_array=0x82dafcc) at
./zend_execute.c:1598
#5  0x080895ee in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at zend.c:810
#6  0x080946e6 in php_execute_script (primary_file=0xba48) at
main.c:1337
#7  0x08076493 in main (argc=2, argv=0xbac4) at php_cli.c:555
#8  0x4012265f in __libc_start_main () from /lib/libc.so.6

Configure line:
'./configure'  '--with-apxs=/usr/local/apache/bin/apxs'  '--with-mysql'
 '--enable-ftp'  '--enable-sockets'  '--enable-calendar' 
'--enable-bcmath'  '--with-pcntl'  '--enable-ctype'  '--with-mhash' 
'--with-openssl'  '--enable-dbase'  '--with-curl'  '--enable-dbx' 
'--enable-dio'  '--enable-exif'  '--with-pgsql'  '--with-pspell' 
'--enable-filepro'  '--enable-gd'  '--enable-gd-native-ttf' 
'--with-jpeg-dir=/usr'  '--with-png-dir=/usr'  '--with-gettext' 
'--with-gmp'  '--enable-mailparse'  '--enable-mbstring' 
'--enable-mbstr-enc-trans'  '--enable-mgrexeg'  '--with-zlib' 
'--with-bzip2'  '--with-imap'  '--enable-inline-optimization' 
'--with-readline' 




-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-03-02 Thread sander


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

It crashes with a plain ./configure too btw...


Previous Comments:


[2002-03-02 07:25:30] [EMAIL PROTECTED]

Doesn't crash for me:

php -q



abcdef\1ghi


Derick



[2002-03-02 07:24:07] [EMAIL PROTECTED]

Errm...
That test passes here too:
\0 back reference   
... passed

But this one doesn't:
nonexisting back reference (012.phpt)   
... failed
(it crashes)




[2002-03-02 07:15:12] [EMAIL PROTECTED]

With my configuration it passes. 

Running tests in /home/yohgaki/cvs/php/DEV/ext/standard/tests/reg
=
\0 back reference   
... passed

However, there is something wrong in current PHP. I got exit status 255
when run-tests.php finished. (It doesn't now)

The real problem may be in broken heap memory area by some other
place.





[2002-03-02 06:47:48] [EMAIL PROTECTED]

The testscript ext/standard/tests/reg/012.phpt (" nonexisting back
reference") causes PHP to segfault:



#0  0x4017e197 in memcpy () from /lib/libc.so.6
#1  0x08133fd5 in php_reg_replace (pattern=0x82daf4c "123", 
replace=0x82daf64 "def\\1ghi", string=0x82daf84 "abc123", icase=0,

extended=1) at reg.c:377
#2  0x081343ca in php_ereg_replace (ht=3, return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1, icase=0) at reg.c:475
#3  0x081344b5 in zif_ereg_replace (ht=3,nonexisting back reference
 return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1) at reg.c:493
#4  0x08175b9e in execute (op_array=0x82dafcc) at
./zend_execute.c:1598
#5  0x080895ee in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at zend.c:810
#6  0x080946e6 in php_execute_script (primary_file=0xba48) at
main.c:1337
#7  0x08076493 in main (argc=2, argv=0xbac4) at php_cli.c:555
#8  0x4012265f in __libc_start_main () from /lib/libc.so.6

Configure line:
'./configure'  '--with-apxs=/usr/local/apache/bin/apxs'  '--with-mysql'
 '--enable-ftp'  '--enable-sockets'  '--enable-calendar' 
'--enable-bcmath'  '--with-pcntl'  '--enable-ctype'  '--with-mhash' 
'--with-openssl'  '--enable-dbase'  '--with-curl'  '--enable-dbx' 
'--enable-dio'  '--enable-exif'  '--with-pgsql'  '--with-pspell' 
'--enable-filepro'  '--enable-gd'  '--enable-gd-native-ttf' 
'--with-jpeg-dir=/usr'  '--with-png-dir=/usr'  '--with-gettext' 
'--with-gmp'  '--enable-mailparse'  '--enable-mbstring' 
'--enable-mbstr-enc-trans'  '--enable-mgrexeg'  '--with-zlib' 
'--with-bzip2'  '--with-imap'  '--enable-inline-optimization' 
'--with-readline' 




-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-03-02 Thread derick


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

Doesn't crash for me:

php -q



abcdef\1ghi


Derick


Previous Comments:


[2002-03-02 07:24:07] [EMAIL PROTECTED]

Errm...
That test passes here too:
\0 back reference   
... passed

But this one doesn't:
nonexisting back reference (012.phpt)   
... failed
(it crashes)




[2002-03-02 07:15:12] [EMAIL PROTECTED]

With my configuration it passes. 

Running tests in /home/yohgaki/cvs/php/DEV/ext/standard/tests/reg
=
\0 back reference   
... passed

However, there is something wrong in current PHP. I got exit status 255
when run-tests.php finished. (It doesn't now)

The real problem may be in broken heap memory area by some other
place.





[2002-03-02 06:47:48] [EMAIL PROTECTED]

The testscript ext/standard/tests/reg/012.phpt (" nonexisting back
reference") causes PHP to segfault:



#0  0x4017e197 in memcpy () from /lib/libc.so.6
#1  0x08133fd5 in php_reg_replace (pattern=0x82daf4c "123", 
replace=0x82daf64 "def\\1ghi", string=0x82daf84 "abc123", icase=0,

extended=1) at reg.c:377
#2  0x081343ca in php_ereg_replace (ht=3, return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1, icase=0) at reg.c:475
#3  0x081344b5 in zif_ereg_replace (ht=3,nonexisting back reference
 return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1) at reg.c:493
#4  0x08175b9e in execute (op_array=0x82dafcc) at
./zend_execute.c:1598
#5  0x080895ee in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at zend.c:810
#6  0x080946e6 in php_execute_script (primary_file=0xba48) at
main.c:1337
#7  0x08076493 in main (argc=2, argv=0xbac4) at php_cli.c:555
#8  0x4012265f in __libc_start_main () from /lib/libc.so.6

Configure line:
'./configure'  '--with-apxs=/usr/local/apache/bin/apxs'  '--with-mysql'
 '--enable-ftp'  '--enable-sockets'  '--enable-calendar' 
'--enable-bcmath'  '--with-pcntl'  '--enable-ctype'  '--with-mhash' 
'--with-openssl'  '--enable-dbase'  '--with-curl'  '--enable-dbx' 
'--enable-dio'  '--enable-exif'  '--with-pgsql'  '--with-pspell' 
'--enable-filepro'  '--enable-gd'  '--enable-gd-native-ttf' 
'--with-jpeg-dir=/usr'  '--with-png-dir=/usr'  '--with-gettext' 
'--with-gmp'  '--enable-mailparse'  '--enable-mbstring' 
'--enable-mbstr-enc-trans'  '--enable-mgrexeg'  '--with-zlib' 
'--with-bzip2'  '--with-imap'  '--enable-inline-optimization' 
'--with-readline' 




-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-03-02 Thread sander


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
 PHP Version:  4.0CVS-2002-03-0
 New Comment:

Errm...
That test passes here too:
\0 back reference   
... passed

But this one doesn't:
nonexisting back reference (012.phpt)   
... failed
(it crashes)



Previous Comments:


[2002-03-02 07:15:12] [EMAIL PROTECTED]

With my configuration it passes. 

Running tests in /home/yohgaki/cvs/php/DEV/ext/standard/tests/reg
=
\0 back reference   
... passed

However, there is something wrong in current PHP. I got exit status 255
when run-tests.php finished. (It doesn't now)

The real problem may be in broken heap memory area by some other
place.





[2002-03-02 06:47:48] [EMAIL PROTECTED]

The testscript ext/standard/tests/reg/012.phpt (" nonexisting back
reference") causes PHP to segfault:



#0  0x4017e197 in memcpy () from /lib/libc.so.6
#1  0x08133fd5 in php_reg_replace (pattern=0x82daf4c "123", 
replace=0x82daf64 "def\\1ghi", string=0x82daf84 "abc123", icase=0,

extended=1) at reg.c:377
#2  0x081343ca in php_ereg_replace (ht=3, return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1, icase=0) at reg.c:475
#3  0x081344b5 in zif_ereg_replace (ht=3,nonexisting back reference
 return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1) at reg.c:493
#4  0x08175b9e in execute (op_array=0x82dafcc) at
./zend_execute.c:1598
#5  0x080895ee in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at zend.c:810
#6  0x080946e6 in php_execute_script (primary_file=0xba48) at
main.c:1337
#7  0x08076493 in main (argc=2, argv=0xbac4) at php_cli.c:555
#8  0x4012265f in __libc_start_main () from /lib/libc.so.6

Configure line:
'./configure'  '--with-apxs=/usr/local/apache/bin/apxs'  '--with-mysql'
 '--enable-ftp'  '--enable-sockets'  '--enable-calendar' 
'--enable-bcmath'  '--with-pcntl'  '--enable-ctype'  '--with-mhash' 
'--with-openssl'  '--enable-dbase'  '--with-curl'  '--enable-dbx' 
'--enable-dio'  '--enable-exif'  '--with-pgsql'  '--with-pspell' 
'--enable-filepro'  '--enable-gd'  '--enable-gd-native-ttf' 
'--with-jpeg-dir=/usr'  '--with-png-dir=/usr'  '--with-gettext' 
'--with-gmp'  '--enable-mailparse'  '--enable-mbstring' 
'--enable-mbstr-enc-trans'  '--enable-mgrexeg'  '--with-zlib' 
'--with-bzip2'  '--with-imap'  '--enable-inline-optimization' 
'--with-readline' 




-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

2002-03-02 Thread yohgaki


 ID:   15829
 Updated by:   [EMAIL PROTECTED]
 Reported By:  [EMAIL PROTECTED]
 Status:   Open
 Bug Type: Reproducible crash
 Operating System: Debian (Sid) Linux
-PHP Version:  4.0CVS-2002-03-02
+PHP Version:  4.0CVS-2002-03-0
 New Comment:

With my configuration it passes. 

Running tests in /home/yohgaki/cvs/php/DEV/ext/standard/tests/reg
=
\0 back reference   
... passed

However, there is something wrong in current PHP. I got exit status 255
when run-tests.php finished. (It doesn't now)

The real problem may be in broken heap memory area by some other
place.




Previous Comments:


[2002-03-02 06:47:48] [EMAIL PROTECTED]

The testscript ext/standard/tests/reg/012.phpt (" nonexisting back
reference") causes PHP to segfault:



#0  0x4017e197 in memcpy () from /lib/libc.so.6
#1  0x08133fd5 in php_reg_replace (pattern=0x82daf4c "123", 
replace=0x82daf64 "def\\1ghi", string=0x82daf84 "abc123", icase=0,

extended=1) at reg.c:377
#2  0x081343ca in php_ereg_replace (ht=3, return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1, icase=0) at reg.c:475
#3  0x081344b5 in zif_ereg_replace (ht=3,nonexisting back reference
 return_value=0x82daf2c, 
this_ptr=0x0, return_value_used=1) at reg.c:493
#4  0x08175b9e in execute (op_array=0x82dafcc) at
./zend_execute.c:1598
#5  0x080895ee in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at zend.c:810
#6  0x080946e6 in php_execute_script (primary_file=0xba48) at
main.c:1337
#7  0x08076493 in main (argc=2, argv=0xbac4) at php_cli.c:555
#8  0x4012265f in __libc_start_main () from /lib/libc.so.6

Configure line:
'./configure'  '--with-apxs=/usr/local/apache/bin/apxs'  '--with-mysql'
 '--enable-ftp'  '--enable-sockets'  '--enable-calendar' 
'--enable-bcmath'  '--with-pcntl'  '--enable-ctype'  '--with-mhash' 
'--with-openssl'  '--enable-dbase'  '--with-curl'  '--enable-dbx' 
'--enable-dio'  '--enable-exif'  '--with-pgsql'  '--with-pspell' 
'--enable-filepro'  '--enable-gd'  '--enable-gd-native-ttf' 
'--with-jpeg-dir=/usr'  '--with-png-dir=/usr'  '--with-gettext' 
'--with-gmp'  '--enable-mailparse'  '--enable-mbstring' 
'--enable-mbstr-enc-trans'  '--enable-mgrexeg'  '--with-zlib' 
'--with-bzip2'  '--with-imap'  '--enable-inline-optimization' 
'--with-readline' 




-- 
Edit this bug report at http://bugs.php.net/?id=15829&edit=1

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

Bug #15829 Updated: using nonexistingn back reference in regex crashes PHP

9 matches

Site Navigation

Mail list logo

Footer information