OT: PHP 32 bit numbers security issue
shimi
linux-il at shimi.net
Wed Jan 5 13:52:37 IST 2011
On Wed, Jan 5, 2011 at 1:41 PM, Nadav Har'El <nyh at math.technion.ac.il>wrote:
> On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers
> security issue":
> > Hi,
> > I just found something related to PHP and handling 32 bit numbers, I
> wrote
> > about it here: http://goo.gl/xqQZd
>
> I found a fix on Zend's repository,
>
> http://svn.php.net/viewvc/php/php-src/trunk/Zend/zend_strtod.c?r1=307095&r2=307094&pathrev=307095
>
> Does anyone know anything about what caused this bug, how come a "volatile"
> fixed it (what, it was a gcc optimization bug?), and what does it have to
> do
> with 32 vs 64 bits?
>
>
>
It has something to do with the precision attempting algorithm of floating
point numbers, and the way it is done on fpu87 in 32bit processors. It tries
to get close to the number below a certain point which is impossible, and
the algorithm does not check to see if it is not actually progressing in
getting closer to the minimal precision error. Hence it's an infinite loop.
Compiling with -mfpmath=sse will also solve the problem.
-- Shimi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20110105/7597f2a2/attachment.html>
More information about the Linux-il
mailing list