mb_output_handler crash with unset http_output_conv_mimetypes

[YuanchengJiang]

Description

The following code:

<?php
ini_set('mbstring.http_output_conv_mimetypes', ''<'');
ob_start('mb_output_handler');

Resulted in this output:

php: /home/phpfuzz/WorkSpace/flowfusion/php-src/ext/pcre/php_pcre.c:909: pcre2_match_data_8 *php_pcre_create_match_data(uint32_t, pcre2_code_8 *): Assertion `NULL != re' failed.
Aborted (core dumped)

To reproduce:

./php-src/sapi/cli/php  -d "zend_test.observer.enabled=1" ./test.php

Commit:

cd586623b65c86b423883eda20411634e49084ba

Configurations:

CC="clang-12" CXX="clang++-12" CFLAGS="-DZEND_VERIFY_TYPE_INFERENCE" CXXFLAGS="-DZEND_VERIFY_TYPE_INFERENCE" ./configure --enable-debug --enable-address-sanitizer --enable-undefined-sanitizer --enable-re2c-cgoto --enable-fpm --enable-litespeed --enable-phpdbg-debug --enable-zts --enable-bcmath --enable-calendar --enable-dba --enable-dl-test --enable-exif --enable-ftp --enable-gd --enable-gd-jis-conv --enable-mbstring --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvmsg --enable-zend-test --with-zlib --with-bz2 --with-curl --with-enchant --with-gettext --with-gmp --with-mhash --with-ldap --with-libedit --with-readline --with-snmp --with-sodium --with-xsl --with-zip --with-mysqli --with-pdo-mysql --with-pdo-pgsql --with-pgsql --with-sqlite3 --with-pdo-sqlite --with-webp --with-jpeg --with-freetype --enable-sigchild --with-readline --with-pcre-jit --with-iconv

Operating System:

Ubuntu 20.04 Host, Docker 0599jiangyc/flowfusion:latest

This report is automatically generated by FlowFusion

PHP Version

cd58662

Operating System

No response

[nielsdos]

No need for zend_test, standalone:

<?php
echo "set mime type via this echo\n";
ini_set('mbstring.http_output_conv_mimetypes', null);
ob_start('mb_output_handler');
echo "hi";
ob_flush(); // crash here