https://bugs.exim.org/show_bug.cgi?id=1803
--- Comment #15 from Zoltan Herczeg <hzmester@???> ---
(In reply to Nish Aravamudan from comment #14)
> (gdb) break ext/pcre/php_pcre.c:1794 if strcmp(subject,
> "\303\251\303\204\303\237\343\201\224a") == 0
strcmp?
Do you mean this line:
    count = pcre_exec(pce->re, extra, subject,
                      subject_len, start_offset,
                      exoptions|g_notempty, offsets, size_offsets);
Actually the line 1794 is empty here, so I suspect there is an offset
difference between your source code and the master:
https://github.com/php/php-src/blob/master/ext/pcre/php_pcre.c#L1794
> (gdb) c
> ...
> (gdb) print offsets[0]
> $5 = 2
> (gdb) print last_match
> $6 = 0x7fffed42e248 "\303\251\303\204\303\237\343\201\224a"
> (gdb) print offsets[0]
> $7 = 2
> (gdb) print offsets[1]
> $8 = 2
> (gdb) c
> ...
So the first match is an empty match at offset 2.
> (gdb) print last_match
> $9 = 0x7fffed42e24a "\303\204\303\237\343\201\224a"
> (gdb) print offsets[0]
> $10 = -1
> (gdb) print offsets[1]
> $11 = -1
> ...
Is this a rerun because of:
    g_notempty = (offsets[1] == offsets[0])? PCRE_NOTEMPTY_ATSTART | PCRE_ANCHORED
                                           : 0;
> (gdb) print last_match
> $12 = 0x7fffed42e24a "\303\204\303\237\343\201\224a"
> (gdb) print offsets[0]
> $13 = 2
> (gdb) print offsets[1]
> $14 = 4
> (gdb) c
> ...
It seems the second character is matched, and offsets updated.
> (gdb) print last_match
> $15 = 0x7fffed42e24c "\303\237\343\201\224a"
> (gdb) print offsets[0]
> $16 = 2
> (gdb) print offsets[1]
> $17 = 4
> (gdb) c
> ...
Hm, that is strange, since all offsets are relative to subject, and these
offsets are before last_match.
> SIGSEGV
At this point I suspect something is wrong with start_offset, but it needs
proof. The last_match seemed to be updated to offset 4 (substring
"\303\237\343\201\224a"), but start_offset is below 4, and pcre returns the
same 2-4 match again. A string from offsets 4-2 cannot be constructed, since
the end is smaller than the start.
Could you also print start_offset and subject?
(gdb) print substring
(gdb) print last_match
(gdb) print start_offset
(gdb) print offsets[0]
(gdb) print offsets[1]
For all iterations?
I am sorry for so many debugging requests, but I am not a php developer and
am just guessing here.
If start_offset is 4, this is likely some PCRE bug, and I need the pattern to
check it here.
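The reasoning in the comment above rests on a few invariants of the php_pcre.c global-match loop: offsets are byte offsets into subject, a match can never start before start_offset (barring \K), the match end can never precede the match start, and in UTF-8 mode every offset must sit on a character boundary. The following is an added example, not code from the PCRE or PHP projects, that encodes those invariants as a checker and runs it over a constructed trace mirroring the offsets printed in the gdb session; the start_offset and last_match values in the trace are hypothetical guesses, since the report has not printed start_offset yet.

```python
"""Invariant checks for a pcre_exec()-style global-match loop (added example).

Not code from PCRE or php_pcre.c: a small checker that flags the kind of
inconsistency discussed in the bug comment (a 2-4 match reported after the
loop has already moved past offset 4).
"""

# Subject string from the bug report, as the same UTF-8 bytes gdb printed.
SUBJECT = b"\303\251\303\204\303\237\343\201\224a"


def utf8_char_len(subject: bytes, offset: int) -> int:
    """Byte length of the UTF-8 character starting at offset.

    Returns 0 when offset is a continuation byte or an invalid lead byte,
    i.e. when it does not sit on a character boundary.
    """
    b = subject[offset]
    if b < 0x80:
        return 1
    if 0xC2 <= b <= 0xDF:
        return 2
    if 0xE0 <= b <= 0xEF:
        return 3
    if 0xF0 <= b <= 0xF4:
        return 4
    return 0


def check_iteration(subject, start_offset, last_match_offset, offsets):
    """Return the invariant violations for one pcre_exec() call.

    offsets is (offsets[0], offsets[1]); (-1, -1) stands for
    PCRE_ERROR_NOMATCH. last_match_offset is last_match - subject.
    """
    problems = []
    o0, o1 = offsets
    n = len(subject)
    # start_offset must stay inside the subject and, in UTF-8 mode, on a
    # character start byte.
    if not 0 <= start_offset <= n:
        problems.append(f"start_offset {start_offset} lies outside the subject")
    elif start_offset < n and utf8_char_len(subject, start_offset) == 0:
        problems.append(f"start_offset {start_offset} is inside a UTF-8 sequence")
    # The loop never rewinds: start_offset is derived from the previous match end.
    if start_offset < last_match_offset:
        problems.append(f"start_offset {start_offset} is before last_match {last_match_offset}")
    if (o0, o1) == (-1, -1):
        return problems  # no match: nothing more to check
    if o1 < o0:
        problems.append(f"match end {o1} is before match start {o0}; no substring can be built")
    # Without \K in the pattern, a match cannot begin before start_offset.
    if o0 < start_offset:
        problems.append(f"match starts at {o0}, before start_offset {start_offset}")
    for name, off in (("offsets[0]", o0), ("offsets[1]", o1)):
        if not 0 <= off <= n:
            problems.append(f"{name}={off} lies outside the subject")
        elif off < n and utf8_char_len(subject, off) == 0:
            problems.append(f"{name}={off} is inside a UTF-8 sequence")
    return problems


def check_trace(subject, trace):
    """Map 1-based iteration number -> problems, for iterations that have any."""
    findings = {}
    for i, (start_offset, last_match_offset, offsets) in enumerate(trace, 1):
        problems = check_iteration(subject, start_offset, last_match_offset, offsets)
        if problems:
            findings[i] = problems
    return findings


# Constructed trace: offsets follow the gdb session in the report; the
# start_offset and last_match columns are hypothetical, filled in by hand.
TRACE = [
    # (start_offset, last_match_offset, (offsets[0], offsets[1]))
    (0, 0, (2, 2)),      # empty match at byte 2
    (2, 2, (-1, -1)),    # PCRE_NOTEMPTY_ATSTART | PCRE_ANCHORED retry fails
    (2, 2, (2, 4)),      # \303\204 (one two-byte character) matched at 2-4
    (4, 4, (2, 4)),      # the same 2-4 match reported after last_match moved to 4
]

if __name__ == "__main__":
    for iteration, problems in check_trace(SUBJECT, TRACE).items():
        for p in problems:
            print(f"iteration {iteration}: {p}")
```

Run as written, the checker reports only the fourth iteration: a match starting at byte 2 while start_offset is already 4, which is exactly the contradiction the comment points at. Feeding it the real start_offset values once they are printed would tell whether the loop or the library is the side that broke the invariant.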