> -----Original Message-----
> From: Jefferson Gonzalez [mailto:jgm...@gmail.com]
> Sent: Monday, February 23, 2015 3:58 AM
> To: Stanislav Malyshev; Anthony Ferrara
> Cc: Zeev Suraski; Jefferson Gonzalez; PHP internals
> Subject: Re: [PHP-DEV] JIT (was RE: [PHP-DEV] Coercive Scalar Type Hints
> RFC)
>
> How could casting (int) be such a dangerous thing? Let's take for example
> this code:
>
> echo (int) "whats cooking!";
> echo intval("whats cooking");
>
> Both statements print 0, so how is casting unsafe???

One key premise behind both strict type hinting and coercive type hinting is
that conversions that lose data, or that 'invent' data, are typically
indicators of a bug in the code.

You're right that there's no risk of a segfault or buffer overflow from the
snippets you listed.  But there are fair chances that if you fed $x into
round() and it contains "whats cooking" (string), your code contains a bug.

Coercive typing allows 'sensible' conversions to take place, so that if you
pass "35.7" (string) to round() it will be accepted without a problem.
Strict typing will disallow any input that is not of the exact type that the
function expects, so in strict mode, round() will reject it.  The point that
was raised by Stas and others is that this is likely to push the user to
explicitly cast the string to float, which from that point onwards will happily
accept "whats cooking", keeping the likely bug undetected.

Zeev

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
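
The behaviours discussed in this message, side by side, as an added example that is not part of the original e-mail or of the RFC. It assumes scalar type declarations as shipped in PHP 7.0 and later; `half()` and `toFloatOrFail()` are hypothetical names, and the inputs are constructed.

```php
<?php
declare(strict_types=1); // strict mode for calls made from this file (PHP 7.0+)

// Hypothetical function standing in for any API that expects a float.
function half(float $x): float
{
    return $x / 2;
}

// Hypothetical helper: convert only strings that really are numbers.
function toFloatOrFail(string $s): float
{
    $v = filter_var($s, FILTER_VALIDATE_FLOAT);
    if ($v === false) {
        throw new InvalidArgumentException("not a number: " . var_export($s, true));
    }
    return $v;
}

// Constructed sample inputs: one sensible numeric string, one that is not.
foreach (["35.7", "whats cooking"] as $input) {
    echo "input: ", var_export($input, true), "\n";

    // 1. Strict mode: a string is never a float, so both inputs are rejected.
    try {
        echo "  strict call:    ", half($input), "\n";
    } catch (TypeError $e) {
        echo "  strict call:    TypeError\n";
    }

    // 2. The cast that strict mode pushes people towards: it never fails,
    //    and turns "whats cooking" into 0.0 without any diagnostic.
    echo "  explicit cast:  ", half((float) $input), "\n";

    // 3. Validating conversion: accepts "35.7", rejects "whats cooking".
    try {
        echo "  validated:      ", half(toFloatOrFail($input)), "\n";
    } catch (InvalidArgumentException $e) {
        echo "  validated:      rejected (", $e->getMessage(), ")\n";
    }
}
```

Only the explicit cast produces a result for "whats cooking"; the other two paths surface the bad input as an error the caller can log or handle.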