[php-maint] Bug#405067: php5-cli: Segfault after infinite recursion inside pcre - random memory corruption?
Richard Atterer
atterer at debian.org
Sun Dec 31 11:51:39 UTC 2006
On Sat, Dec 30, 2006 at 10:23:06PM +0100, Richard Atterer wrote:
> One more thing: I also tried to trim down the example further by reducing
> the length of the subject string. This gives weird results:

The following has occurred to me: The program starts crashing when the
region matched by the regex (begins with the opening <?php) is about 4000
bytes long. At this point, the stack contains some 8100 stack frames, half
of them on ./pcre_exec.c:1190, the other half on ./pcre_exec.c:677.

Thus, it is possible that the special input causes one recursive step
(i.e., one call through ./pcre_exec.c:677) for each character that is
consumed.

Cheers,

Richard
--
__ _
|_) /| Richard Atterer
| \/¯| http://geht.net.gibts.bei.atterer.net
¯ '` ¯
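
The frame count in the message above (about 8100 frames for about 4000 matched bytes, split between two call sites) is what a recursive backtracking matcher produces when each consumed character costs two nested calls. The following is an added example, not part of the original message and not PCRE code: a toy matcher for the constructed pattern `(?:a|b)*c` that counts live frames and shows a depth cap turning the runaway recursion into an error return. All names (`match_group`, `match_repeat`, `run`, the `limit` cap) are hypothetical.

```c
#include <stdio.h>
#include <string.h>
/* Toy backtracking matcher for (?:a|b)*c, constructed for illustration (not
   PCRE code). A group iteration cannot return until the rest of the pattern
   has matched, so every consumed character stays on the call stack. */
enum { M_LIMIT = -1, M_NOMATCH = 0, M_MATCH = 1 };
struct ctx { size_t depth, peak, limit; };   /* limit 0 = no cap (assumed knob) */
static int match_repeat(const char *s, struct ctx *c);

static int enter(struct ctx *c) {            /* count a frame, enforce the cap */
    if (c->limit && c->depth >= c->limit) return 0;
    if (++c->depth > c->peak) c->peak = c->depth;
    return 1;
}

/* Group body: consume one 'a' or 'b', then go back to the repeat. */
static int match_group(const char *s, struct ctx *c) {
    int r = M_NOMATCH;
    if (!enter(c)) return M_LIMIT;
    if (*s == 'a' || *s == 'b') r = match_repeat(s + 1, c);
    c->depth--;
    return r;
}

/* Repeat: try another group iteration first, else the trailing 'c'. */
static int match_repeat(const char *s, struct ctx *c) {
    if (!enter(c)) return M_LIMIT;
    int r = match_group(s, c);
    if (r == M_NOMATCH && s[0] == 'c' && s[1] == '\0') r = M_MATCH;
    c->depth--;
    return r;
}

/* Match n constructed 'a' characters plus 'c'; report the peak frame count. */
int run(size_t n, size_t limit, size_t *peak) {
    static char buf[8192];
    struct ctx c = { 0, 0, limit };
    if (n > sizeof buf - 2) return M_NOMATCH;
    memset(buf, 'a', n);
    buf[n] = 'c'; buf[n + 1] = '\0';
    int r = match_repeat(buf, &c);
    *peak = c.peak;
    return r;
}

int main(void) {
    size_t peak = 0;
    int r = run(4000, 0, &peak);   /* roughly the match length in the message */
    printf("result=%d peak_frames=%zu\n", r, peak);
}
```

The peak is 2n + 2 frames for n consumed characters, so stack use grows linearly with the length of the matched region; with a cap set, the matcher reports `M_LIMIT` instead of running the stack out.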