> -----Original Message----- > From: Tommy Pham [mailto:tommyhp2@xxxxxxxxx] > Sent: Sunday, January 16, 2011 4:18 PM > To: 'php-general@xxxxxxxxxxxxx' > Subject: RE: [security] PHP has DoS vuln with large decimal points > <snip> > > I found something really weird while coding a validator for floating > protection protection. > > Case 1 - known DoS / PHP hangs in infinite loop: > > $value = '2.2250738585072011e-308'; > var_dump(floatval($value)); > > Case 2 - works fine: > > $value = '2.2250738585072011e-307'; > or > $value = '2.2250738585072011e-309'; > or > $value = '2.225073858507201e-308'; > > var_dump(floatval($value)); > > I'd expect the '2.2250738585072011e-309' to hang also on my Win x64 with > PHP FastCGI. I haven't test it on *nix platform yet. Could someone please > confirm this? > > Thanks, > Tommy Here are the results after some further tests for the same platform: * max float value: 1.7976931348623E+308 * min float value: 9.8813129168249E-324 << floatval('1.0000000000000000000000e-323') weird ... PHP wil hang when the value is between (inclusive) floatval('2.22507385850720102e-308') - floatval('2.22507385850720113e-308') I can't find the bug report for the issue @ bugs.php.net. Does anyone know if one is submitted? I should submit one? Sucribe to dev list and go from there? Thanks, Tommy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
