#47774 [Bgs]: Integer Overflow

vivekanandan8 at yahoo dot com Wed, 25 Mar 2009 23:36:25 -0700

 ID:               47774
 User updated by:  vivekanandan8 at yahoo dot com
 Reported By:      vivekanandan8 at yahoo dot com
 Status:           Bogus
 Bug Type:         Scripting Engine problem
 Operating System: Debian
 PHP Version:      5.2CVS-2009-03-25 (snap)
 New Comment:


Hi,
   Thanks for your information.but when the overflow occurs at the 
runtime, then also the data type conversion does not change.
Ex: 
<?
$vValue = -2147483649;
var_dump($vValue); //output: float(-2147483649) 
$vValue++;
var_dump($vValue);//output: float(-2147483648) 
$vValue++;
var_dump($vValue);//output: float(-2147483647)
?>
Initially $vValue is double , but even later execution it is not
converted to integer when it can hold values. 

   when the overflow occurs we convert  from long to double but i fell
it is not done from double to long.
Hence in the function increment_function(zend_operators.c)
we have to add the validation as follows 
case IS_DOUBLE:  
 if(op1->value.dval == LONG_MIN) {   
  op1->value.lval = (long) op1->value.dval+1;
  op1->type = IS_LONG; 
 }else{
   op1->value.dval = op1->value.dval + 1;
}


Previous Comments:
------------------------------------------------------------------------

[2009-03-25 16:15:16] [email protected]

This is the expected behavior. Happens because it's not parsed as a
single negative number, but a positive number (and 2147483648 needs to
be a float) that is then negated afterwards. So it's treated more like
-(2147483648). Hope that helps explain what's going on. :-)

------------------------------------------------------------------------

[2009-03-25 14:28:33] vivekanandan8 at yahoo dot com

Description:
------------
Generally when integer number exceed(overflows), it is converted to
float,But for the number -2147483648 the Integer can hold, but converted
to float.   

Reproduce code:
---------------
<?
$vValue =       (int)-2147483648;
var_dump($vValue);
$vValue = -2147483648;
var_dump($vValue);
?>

Expected result:
----------------
int(-2147483648) int(-2147483648) 

Actual result:
--------------
int(-2147483648) float(-2147483648) 


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=47774&edit=1

#47774 [Bgs]: Integer Overflow

Reply via email to