PHP 5.2.1

Jeremy Chadwick koitsu at FreeBSD.org
Fri Mar 2 13:41:54 UTC 2007 

On Fri, Mar 02, 2007 at 01:19:07PM +0100, Uwe Grohnwaldt wrote:
> hi,
> i'm have some issues too. i'm using drupal, wordpress and some other
> applications. after upgrading to
> 
> [lando at freebsd ~]$ php -v
> PHP 5.2.1 with Suhosin-Patch 0.9.6.2 (cli) (built: Mar  1 2007 00:08:02)
> Copyright (c) 1997-2007 The PHP Group
> Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
> 
> these scripts have problems in my httpd-error.log
> 
> [Fri Mar 02 07:59:27 2007] [error] [client 66.249.65.40] PHP Warning:
> preg_replace() [<a
> href='function.preg-replace'>function.preg-replace</a>]: Compilation
> failed: lookbehind assertion is not fixed length at offset 10
> in /usr/local/www/vhosts/cc.lando.freebsd.wordpres
> s/wp-includes/formatting.php on line 76
> 
> my drupal produces similar output.

There's multiple pieces to the puzzle here: FreeBSD, PHP, PCRE, and
(name of PHP application you're using).  Let's address each:

FreeBSD)
I don't think this is a FreeBSD-specific problem, because FreeBSD does
not include it's own PCRE library.  PCRE is a standalone library, and is
provided via ports.

PHP)
There was an open PHP bug about this, and the PHP developers' have
insisted it's not a problem with PHP (which is probably the case):
http://bugs.php.net/bug.php?id=38327

PCRE)
I don't think this is a PCRE library bug, since based on looking at the
code, the warning output is generated because the PCRE parser explicitly
states such patterns are bad.  There's documentation that supports this
as well (look for "lookbehind"):
http://www.zend.com/manual/reference.pcre.pattern.syntax.php

name of PHP application you're using)
The regular expression being used in Drupal, Wordpress, and some other
software is responsible for what's happening here.  Yes, I absolutely
believe multiple pieces of blogging software could suffer from the same
problem (they likely "steal" snippets from one another and use them
blindly).  Most of the applications are not well-written, and those
which are are not well-tested.  :-)

There's a lot of people reporting this warning.  Those who have posted
the lines/code in question are taking it directly from the PHP
application emitting the warning, thus in my opinion this makes it the
responsibility of (Drupal|Wordpress|Whoever) to fix the oversight in
their code.

-- 
| Jeremy Chadwick                                 jdc at parodius.com |
| Parodius Networking                        http://www.parodius.com/ |
| UNIX Systems Administrator                   Mountain View, CA, USA |
| Making life hard for others since 1977.               PGP: 4BD6C0CB |

More information about the freebsd-ports mailing list