OT: PHP 32 bit numbers security issue

OT: PHP 32 bit numbers security issue

Lior Kaplan kaplanlior at gmail.com
Wed Jan 5 13:51:29 IST 2011


It's a hardware bug, which can be avoided by the right compilation flags.
Since it comes from the legacy x87 feature, it doesn't happen on x86_64
which is a newer architecture.

 Kaplan

p.s.
The link you gave bellow is to php.net not Zend.

On Wed, Jan 5, 2011 at 1:41 PM, Nadav Har'El <nyh at math.technion.ac.il>wrote:

> On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers
> security issue":
> > Hi,
> > I just found something related to PHP and handling 32 bit numbers, I
> wrote
> > about it here: http://goo.gl/xqQZd
>
> I found a fix on Zend's repository,
>
> http://svn.php.net/viewvc/php/php-src/trunk/Zend/zend_strtod.c?r1=307095&r2=307094&pathrev=307095
>
> Does anyone know anything about what caused this bug, how come a "volatile"
> fixed it (what, it was a gcc optimization bug?), and what does it have to
> do
> with 32 vs 64 bits?
>
>
> --
> Nadav Har'El                        |    Wednesday, Jan  5 2011, 29 Tevet
> 5771
> nyh at math.technion.ac.il
> |-----------------------------------------
> Phone +972-523-790466, ICQ 13349191 |The trouble with being punctual is
> that
> http://nadav.harel.org.il           |nobody is there to appreciate it.
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20110105/1b46c503/attachment.html>


More information about the Linux-il mailing list