Bug#405067: [php-maint] Bug#405067: php5-cli: Segfault after infinite recursion inside pcre - random memory

sean finney seanius at debian.org
Thu May 10 15:15:16 UTC 2007

tags 405067 confirmed wontfix upstream
forwarded 405067 http://bugs.php.net/bug.php?id=35159

hi cajus,

On Fri, 2007-03-30 at 09:47 +0200, Cajus Pollmeier wrote:
> Anything new here? Anyone tried with php 5.2.1? So I'd report it to the php 
> team - if not already done.
> The bug can be reproduced here in cli and pure apache mode. It happens when 
> the string to be matched is larger than 4089 bytes and a match happens. 
> Everything below just works fine.

sorry for the delay in reponse, pretty much all of my php time has been
spent dealing with the rash of security issues lately.

anyway, regarding this issue:  i've seen it mentioned upstream that php
does not handle deep recursion very well, and is prone to crash horribly
if the stack gets too big, because they keep important data such as the
zend mm on the stack.  so, "it's not a bug, it's a feature" :).  



and others (just do a search for "recursive").

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070510/264e48ee/attachment.pgp

More information about the pkg-php-maint mailing list