<?php
$regex = '/(.*(?=ab))/';
$subject = "aaaaxyzaabaa";
// Comment/uncomment below as wanted.
// All 3 functions are vulnerable (note, other functions are affected as well)
preg_match($regex,$subject,$x);
var_dump($x);
Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
array(2) {
[0]=>
string(8) "aaaaxyza"
[1]=>
string(8) "aaaaxyza"
}