ports/118980: php5-pcre can cause stack overflow in apache22 in normal use

[Thomas Sandford]

>Number:         118980
>Category:       ports
>Synopsis:       php5-pcre can cause stack overflow in apache22 in normal use
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 24 01:30:01 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator:     Thomas Sandford
>Release:        FreeBSD 7.0-BETA4 i386
>Organization:
>Environment:
System: FreeBSD miriam.paradisegreen.co.uk 7.0-BETA4 FreeBSD 7.0-BETA4 #0: Sun Dec 2 19:19:04 UTC 2007 root at logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386

>Description:
	Problem manifests itself as occurence of messages like
[Sat Dec 22 23:53:59 2007] [notice] child pid 71546 exit signal Illegal instruction (4)
        in the apache error log. Digging has revealed that this is really a
        stack overflow cause by excessive recursion in the pcre library.

        It is possible to tell pcre not to store data on the stack when
        recursing, but this is not enabled in the port or in php itself.

        Problem does not seem to be easily repeatable in the command line
        version of php, only the apache module (tested against apache22 only).

>How-To-Repeat:
        portinstall apache22
        portinstall php5-pcre
        [configure building of apache module]
 
        install symfony sandbox from www.symfony-project.org and enable access

        attempt to access a symfony page in non-debug mode
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: