- var_dump: documentation ( source)
- preg_match_all: documentation ( source)
<?php
$regex = '/(^aaaa)(.*(?=ab\K))/';
$subject = "aaaaxyzaabaa";
// Comment/uncomment below as wanted.
// All 3 functions are vulnerable (note, other functions are affected as well)
preg_match_all($regex,$subject,$x);
var_dump($x);