Re: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-25 Thread Pierre Joye
hi, On Mon, Jan 17, 2011 at 5:21 AM, Tommy Pham wrote: > Thanks Dan.  I'll keep it in mind for the future.  For interested parties, > that's found in the official Windows 5.3.3 NTS VC9 build.  Works fine with > the current official 5.3.5 NTS VC9. 5.3.5 was released only to fix this exact bug :-

RE: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Tommy Pham
> -Original Message- > From: paras...@gmail.com [mailto:paras...@gmail.com] On Behalf Of > Daniel Brown > Sent: Sunday, January 16, 2011 7:00 PM > To: Tommy Pham > Cc: PHP General; PHP Internals List; secur...@php.net > Subject: Re: [PHP] [security] PHP has DoS vu

[PHP] Re: [PHP-DEV] Re: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Mike Robinson
On 2011-01-16, at 9:59 PM, Daniel Brown wrote: > On Sun, Jan 16, 2011 at 21:00, Tommy Pham wrote: >> >> Here are the results after some further tests for the same platform: >> >> * max float value: 1.7976931348623E+308 >> * min float value: 9.8813129168249E-324 << >> floatval('1.

RE: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Tommy Pham
> -Original Message- > From: Jim Lucas [mailto:li...@cmsws.com] > Sent: Sunday, January 16, 2011 6:54 PM > To: Tommy Pham > Cc: php-general@lists.php.net > Subject: Re: [PHP] [security] PHP has DoS vuln with large decimal points > > On 1/16/2011 4

Re: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Daniel Brown
On Sun, Jan 16, 2011 at 21:00, Tommy Pham wrote: > > Here are the results after some further tests for the same platform: > > * max float value: 1.7976931348623E+308 > * min float value:  9.8813129168249E-324  << > floatval('1.00e-323') weird ... > > PHP wil hang when the value

Re: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Jim Lucas
On 1/16/2011 4:18 PM, Tommy Pham wrote: >> -Original Message- >> From: Tommy Pham [mailto:tommy...@gmail.com] >> Sent: Thursday, January 06, 2011 5:49 PM >> To: 'Daevid Vincent' >> Cc: 'php-general@lists.php.net' >> Subject: RE: [PH

RE: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Tommy Pham
> -Original Message- > From: Tommy Pham [mailto:tommy...@gmail.com] > Sent: Sunday, January 16, 2011 4:18 PM > To: 'php-general@lists.php.net' > Subject: RE: [PHP] [security] PHP has DoS vuln with large decimal points > > > I found something really

RE: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-16 Thread Tommy Pham
> -Original Message- > From: Tommy Pham [mailto:tommy...@gmail.com] > Sent: Thursday, January 06, 2011 5:49 PM > To: 'Daevid Vincent' > Cc: 'php-general@lists.php.net' > Subject: RE: [PHP] [security] PHP has DoS vuln with large decimal points >

RE: [PHP] [security] PHP has DoS vuln with large decimal points

2011-01-06 Thread Tommy Pham
> -Original Message- > From: Daevid Vincent [mailto:dae...@daevid.com] > Sent: Wednesday, January 05, 2011 11:36 AM > To: php-general@lists.php.net > Subject: [PHP] [security] PHP has DoS vuln with large decimal points > > The error in the way floating-point and double-precision numbers ar