[wp-hackers] preg_match_all() Crashes Server

Mike Walsh mpwalsh8 at gmail.com
Wed Mar 13 15:01:02 UTC 2013


A user of my WordPress Google Form plugin has run into an odd problem where
visiting the Plugin Settings page results in a server crash.  I can't
replicate it but he provided me access to a test site where I was able to
determine that a call to preg_match_all() is what is crashing the server.

I am not sure how to resolve this.  What I am doing is using
wp_remote_get() to scrape the FAQ and Usage content for my plugin from the
WordPress Plugin Repository (the content from the ReadMe file), extract
what I want, and put the content on a tab on my Settings Page.  Doing this
allowed me an easy way to add Help to my plugin within the Settings Page.

I've put a fragment of the code here in PastBin:
http://pastebin.com/RrYxAdiU

This is the regular expression which fails:

        $pattern_short =
'{<div\s+[^>]*?class="block-content"[^>]*>((?:(?:(?!<div[^>]*>|</div>).)++|<div[^>]*>(?1)</div>)*)</div>}si';
        $matchcount = preg_match_all($pattern_short, $data, $matches);

After Googling a bit I thought the user might have an incorrect setting for
pcre.backtrace_limit but his value (100000) is the same as what I have on
my server.

I am not sure what else to check at this point.

-- 
Mike Walsh - mpwalsh8 at gmail.com


More information about the wp-hackers mailing list