> -----Original Message-----
> From: Tommy Pham [mailto:[email protected]]
> Sent: Sunday, January 16, 2011 4:18 PM
> To: '[email protected]'
> Subject: RE: [PHP] [security] PHP has DoS vuln with large decimal points
>
<snip>
>
> I found something really weird while coding a validator for floating
> protection protection.
>
> Case 1 - known DoS / PHP hangs in infinite loop:
>
> $value = '2.2250738585072011e-308';
> var_dump(floatval($value));
>
> Case 2 - works fine:
>
> $value = '2.2250738585072011e-307';
> or
> $value = '2.2250738585072011e-309';
> or
> $value = '2.225073858507201e-308';
>
> var_dump(floatval($value));
>
> I'd expect the '2.2250738585072011e-309' to hang also on my Win x64 with
> PHP FastCGI. I haven't test it on *nix platform yet. Could someone
please
> confirm this?
>
> Thanks,
> Tommy
Here are the results after some further tests for the same platform:
* max float value: 1.7976931348623E+308
* min float value: 9.8813129168249E-324 <<
floatval('1.0000000000000000000000e-323') weird ...
PHP wil hang when the value is between (inclusive)
floatval('2.22507385850720102e-308') -
floatval('2.22507385850720113e-308')
I can't find the bug report for the issue @ bugs.php.net. Does anyone know
if one is submitted? I should submit one? Sucribe to dev list and go from
there?
Thanks,
Tommy
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
