From: savzn at gmail dot com
Operating system: Linux
PHP version: 4CVS-2005-10-08 (snap)
PHP Bug Type: PCRE related
Bug description: preg_match_all , named capturing groups, variable
assignment/return, crashing
Description:
------------
I used the function preg_match_all () WITHIN a function being called by
another function, with a named capturing group and assigned the match to a
variable using the named group as a key (name or number).
The variable assigned the value of the return becomes NULL
This happens in both the latest snapshots of PHP-4 and PHP-5 with PHP-5
giving a segmentation fault after NULL when "error_reporting (E_ALL)" is
at the top of the script
When the configure option --enable-debug is used PHP-5 gives UNKNOWN:0
instead of NULL and no segmentation fault
When NOT using a Named capturing group name and instead use a normal
capturing group the behaviour seems to stop. Assigning the matched value
by reference also seems to stop the behaviour. ie var2=&var['named_key']
Reproduce code:
---------------
error_reporting(E_ALL);
function func1(){
$words = func2();
var_dump($words);
$this_words = $words;
return $this_words;
}
function func2(){
$pattern = '(?P<word>(?:the))';
$string = 'what the word and the other word the';
preg_match_all('/'.$pattern.'/i', $string, $matches);
$words = $matches['word'];
$this_words = $words;
var_dump($this_words);
return $words;
}
func1();
Expected result:
----------------
array(4) {
[0]=>
string(3) "the"
[1]=>
string(3) "the"
[2]=>
string(3) "the"
[3]=>
string(3) "the"
}
array(4) {
[0]=>
string(3) "the"
[1]=>
string(3) "the"
[2]=>
string(3) "the"
[3]=>
string(3) "the"
}
Actual result:
--------------
array(4) {
[0]=>
string(3) "the"
[1]=>
string(3) "the"
[2]=>
string(3) "the"
[3]=>
string(3) "the"
}
NULL{php -4} UNKNOWN:0 {php-5 --enable-debug}
segmentation fault {php-5 without --enable-debug}
Backtrace (PHP-5 latest without enable-debug because it doesn't crash when
it is used)
---------------------------------------
(gdb) bt
#0 0x402429f2 in malloc () from /lib/i686/libc.so.6
Cannot access memory at address 0x18
(gdb)
--
Edit bug report at http://bugs.php.net/?id=34790&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=34790&r=trysnapshot4
Try a CVS snapshot (php5.0):
http://bugs.php.net/fix.php?id=34790&r=trysnapshot50
Try a CVS snapshot (php5.1):
http://bugs.php.net/fix.php?id=34790&r=trysnapshot51
Fixed in CVS: http://bugs.php.net/fix.php?id=34790&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=34790&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=34790&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=34790&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=34790&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=34790&r=support
Expected behavior: http://bugs.php.net/fix.php?id=34790&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=34790&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=34790&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=34790&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=34790&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=34790&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=34790&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=34790&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=34790&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=34790&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=34790&r=mysqlcfg
