Debian Bug report logs - #278044
php4: mb_ereg fails to compile regex with \x80-\xF7 characters

Package: php4; Maintainer for php4 is (unknown);

Reported by: Alexander Wirt <formorer@debian.org>

Date: Sun, 24 Oct 2004 13:33:03 UTC

Severity: important

Tags: upstream

Found in version 4:4.3.9-1

Fixed in version 6:4.4.6-2+rm

Done: Marco Rodrigues <gothicx@sapo.pt>

Bug is archived. No further changes may be made.

Forwarded to http://bugs.php.net/bug.php?id=34119

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Adam Conrad <adconrad@0c3.net>:
Bug#278044; Package php4. (full text, mbox, link).

Acknowledgement sent to Alexander Wirt <formorer@debian.org>:
New Bug report received and forwarded. Copy sent to Adam Conrad <adconrad@0c3.net>. (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

Package: php4
Version: 4:4.3.9-1
Severity: grave
Justification: renders package unusable

I had mbstring.func_overload = 7 in my php.ini for a long time, after
switching to sarge I detected some strange behaviour in my php apps,
for example ilohamail created mails with wrong BASE64 encodings 
or drupal gave me many many error messages while the code of the apps
was correct.

I tracked down the problem to mbstring.func_overload, if its set
to 7 most grep und regexp function used wrong encodings or reported
strange errors, here some examples from drupal:

warning: mb_ereg(): mbregex compile err: invalid regular expression
warning: mb_strrpos(): Empty haystack in .... 

(ereg and strrpos get overload by multibye functions here)
And so on. 
This worked on older php releases and is now broken.

Sincerly Alex

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro

Versions of packages php4 depends on:
ii  libapache-mod-php4            4:4.3.9-1  server-side, HTML-embedded scripti
ii  php4-common                   4:4.3.9-1  Common files for packages built fr

-- debconf information excluded

Severity set to `important'. Request was from "Adam Conrad" <adconrad@trinitysoftware.com.au> to control@bugs.debian.org. (full text, mbox, link).

Message sent on to Alexander Wirt <formorer@debian.org>:
Bug#278044. (full text, mbox, link).

Message #10 received at 278044-submitter@bugs.debian.org (full text, mbox, reply):

severity 278044 important
thanks

Can you provide me with a small test case of mb_ereg() usage that worked as
expected in older versions but fails in 4.3.9?... Just having the error
message isn't terribly helpful.

... Adam

--
backup [n] (bak'up): The duplicate copy of crucial data that no one
                     bothered to make; used only in the abstract.

1024D/C6CEA0C9  C8B2 CB3E 3225 49BB 5ED2  0002 BE3C ED47 C6CE A0C9

Information stored:
Bug#278044; Package php4. (full text, mbox, link).

Acknowledgement sent to Alexander Wirt <formorer@formorer.de>:
Extra info received and filed, but not forwarded. (full text, mbox, link).

Message #15 received at 278044-quiet@bugs.debian.org (full text, mbox, reply):

Adam Conrad wrote:
> severity 278044 important
> thanks
> 
> Can you provide me with a small test case of mb_ereg() usage that worked as
> expected in older versions but fails in 4.3.9?... Just having the error
> message isn't terribly helpful.
I detected that this was also broken in 4.3.8, sorry for the 
desinformation :).
But the problem is still there, I tested this with a woody and with a 
sarge php4:

$name = "user/1/viewuser/1/edit";
if (ereg("[^\x80-\xF7 [:alnum:]@_.-]", $name)) print('The username 
contains an illegal character.');

With woody everything its fine (maybe the function didn't get 
overwritten by mb_ereg in this version) but with sarge:

Warning: mb_ereg(): mbregex compile err: invalid regular expression in 
/var/www/test.php on line 6

If overload is on and works with overload off.

Thanks for you work

Alexander

Information forwarded to debian-bugs-dist@lists.debian.org, Adam Conrad <adconrad@0c3.net>:
Bug#278044; Package php4. (full text, mbox, link).

Acknowledgement sent to Steve Langasek <vorlon@debian.org>:
Extra info received and forwarded to list. Copy sent to Adam Conrad <adconrad@0c3.net>. (full text, mbox, link).

Message #20 received at 278044@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

Hi Alexander,

At Adam's prompting, I've taken a look at this bug.  In your test case, the
trigger seems to be this part of the check:

  \x80-\xF7

We've noticed that splitting this into \x80-\xA0 and \xA1-\xF7 fixes the
problem.

\xA0, \xA1 is a boundary between character classes: \x80-\xA0 are control
characters, and \xA1-x\F7 are printable characters (latin1 punctuation and
letters).  I'm not sure if it's a feature for mb_ereg() to complain about
ranges that span character classes, but I'm inclined to think that you don't
actually want control characters to be in your usernames anyway.

Even with this change, though, the regexp doesn't seem to work so well with
actual multibyte UTF8 chars in the string being compared.

-- 
Steve Langasek
postmodern programmer

[signature.asc (application/pgp-signature, inline)]

Message sent on to Alexander Wirt <formorer@debian.org>:
Bug#278044. (full text, mbox, link).

Message #26 received at 278044-submitter@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

forwarded 278044 http://bugs.php.net/bug.php?id=34119
retitle 278044 php4: mb_ereg fails to compile regex with \x80-\xF7 characters
thank you

I have forwarded your bug upstream.  It looks like it works ok in php5
(at least it doesn't print warning).

O.
-- 
Ondrej Sury <ondrej@sury.org>

[signature.asc (application/pgp-signature, inline)]

Noted your statement that Bug has been forwarded to http://bugs.php.net/bug.php?id=34119. Request was from Ondrej Sury <ondrej@sury.org> to control@bugs.debian.org. (full text, mbox, link).

Changed Bug title. Request was from Ondrej Sury <ondrej@sury.org> to control@bugs.debian.org. (full text, mbox, link).

Tags added: upstream Request was from Ondrej Sury <ondrej@sury.org> to control@bugs.debian.org. (full text, mbox, link).

Reply sent to Marco Rodrigues <gothicx@sapo.pt>:
You have taken responsibility. (full text, mbox, link).

Notification sent to Alexander Wirt <formorer@debian.org>:
Bug acknowledged by developer. (full text, mbox, link).

Message #37 received at 278044-done@bugs.debian.org (full text, mbox, reply):

Version: 6:4.4.6-2+rm

The php4 package has been removed from Debian testing, unstable and
experimental, so I am now closing the bugs that were still opened
against it.

For more information about this package's removal, read
http://bugs.debian.org/428266 . That bug might give the reasons why
this package was removed, and suggestions of possible replacements.

Don't hesitate to reply to this mail if you have any question.

Thank you for your contribution to Debian.

-- 
Marco Rodrigues

http://Marco.Tondela.org

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 10 Aug 2008 14:37:49 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Jul 2 02:39:16 2023; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Debian Bug report logs - #278044 php4: mb_ereg fails to compile regex with \x80-\xF7 characters

Debian Bug report logs - #278044
php4: mb_ereg fails to compile regex with \x80-\xF7 characters