Bug #64950

Regex in RessourceCompressor triggers PHP segfault with old pcre versions

Added by Christian Kuhn over 4 years ago. Updated 8 months ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2015-02-09
Due date:
% Done:

100%

TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Is Regression:
Yes
Sprint Focus:
Stabilization Sprint

Related issues

Related to TYPO3 Core - Bug #62463: bug in compressing the css-files!? Closed 2014-10-25
Related to TYPO3 Core - Bug #69648: Built-in css minification destroys certain CSS constructs Closed 2015-09-10

Associated revisions

Revision ec1b5d7c (diff)
Added by Christian Kuhn over 4 years ago

Revert "[BUGFIX] CSS3 function calc must retain whitespace"

This reverts commit 5cfb009da9b36fc022aec19a57dc6965ff80a9ff.

The change introduced a huge regex that leads to PHP segfaults
with old PCRE versions that are usually bundled with PHP versions
5.3 and 5.4. A test script link was added to the forge issue.

The patch reverts the patch for issue #62463 for 6.2 while
master will receive an install tool check for recent PCRE versions.

Change-Id: I63b4ff282ecac34730eef52c4127ad7acfb8dbba
Resolves: #64950
Reverts: #62463
Releases: 6.2
Reviewed-on: http://review.typo3.org/36783
Reviewed-by: Stephan Großberndt <>
Reviewed-by: Christian Kuhn <>
Tested-by: Christian Kuhn <>

Revision 0dec92bf (diff)
Added by Stephan Großberndt over 4 years ago

[TASK] Check PCRE version in SystemEnvironment/Check

Certain regular expressions passed to PCRE library < 8.30
can trigger a PHP segfault. This patch introduces an additional
system environment check to verify the PCRE version is

= 8.30 (default shipped with PHP 5.5).

Resolves: #64950
Related: #62463
Releases: master
Change-Id: I3725c67f2b8e99941f0c6eb82a64d646025a1b85
Reviewed-on: http://review.typo3.org/36784
Reviewed-by: Stephan Großberndt <>
Reviewed-by: Wouter Wolters <>
Tested-by: Wouter Wolters <>
Reviewed-by: Christian Kuhn <>
Tested-by: Christian Kuhn <>

History

#1 Updated by Christian Kuhn over 4 years ago

  • Subject changed from Regex in RessourceCompressor triggers PHP segfault oldish pcre versions to Regex in RessourceCompressor triggers PHP segfault with old pcre versions

#2 Updated by Christian Kuhn over 4 years ago

test css:
https://gist.github.com/alexanderschnitzler/8cb16ea541e35888884d
test script:
https://gist.github.com/sgrossberndt/8a9ed9c73d0c450b21df

Executing this script verified that it crashes with pcre 8.02 and 8.12 while it is ok with 8.30 and above.

8.30 or higher is typically bundled with php 5.5, http://php.net/manual/de/pcre.installation.php may give some more hints on that.

#3 Updated by Gerrit Code Review over 4 years ago

  • Status changed from New to Under Review

Patch set 2 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/36783

#4 Updated by Gerrit Code Review over 4 years ago

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/36784

#5 Updated by Gerrit Code Review over 4 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/36784

#6 Updated by Gerrit Code Review over 4 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/36784

#7 Updated by Gerrit Code Review over 4 years ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/36784

#8 Updated by Christian Kuhn over 4 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

#9 Updated by Bas van der Togt over 3 years ago

This bug is back in TYPO3 6.2.15

#10 Updated by Benni Mack 8 months ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF