Bug #54055 [Opn->Csd]: PHP crashes when executing strval when `precision' setting is very hig

Sun, 20 Feb 2011 22:54:18 -0800 

Edit report at http://bugs.php.net/bug.php?id=54055&edit=1

 ID:                 54055
 Updated by:         cataphr...@php.net
 Reported by:        mr_platelet+jin6vr at fastmail dot fm
 Summary:            PHP crashes when executing strval when `precision'
                     setting is very hig
-Status:             Open
+Status:             Closed
 Type:               Bug
 Package:            Reproducible crash
 Operating System:   Linux
 PHP Version:        5.3.5
-Assigned To:        
+Assigned To:        cataphract
 Block user comment: N
 Private report:     N



Previous Comments:
------------------------------------------------------------------------
[2011-02-21 07:53:46] cataphr...@php.net

Fixed by enforcing a max precision of 500.

------------------------------------------------------------------------
[2011-02-21 07:53:26] cataphr...@php.net

Automatic comment from SVN on behalf of cataphract
Revision: http://svn.php.net/viewvc/?view=revision&revision=308525
Log: - Fixed bug #54055 (buffer overrun with high values for precision
ini
  setting).
#This fix (for g/G/k/H modes) is done at a different level than that for
the
#modes e/E/f/F, at a bit higher level and therefore with less coverage.
I
#chose this because it addresses the problem where it is -- the calling
function
#that passes a buffer too small to php_gcvt.

------------------------------------------------------------------------
[2011-02-20 13:49:46] mr_platelet+jin6vr at fastmail dot fm

Some extra information.  (1) When I ran the script,

I used PHP's "-n" switch.  (2) This is the "configure"

command I used when building PHP:



  --prefix=/usr/local/php/5.3.5 --disable-all --enable-bcmath

------------------------------------------------------------------------
[2011-02-20 13:42:16] mr_platelet+jin6vr at fastmail dot fm

Description:
------------
The script below crashes while executing strval.

Test script:
---------------
<?php

for($i = 500; $i <= 1074; $i++) {

  ini_set('precision', $i);

  print "$i\n";

  strval(pow(2, -1074));

}



Expected result:
----------------
I expect all the integers from 500

to 1074 to be printed, each on

a separate line.

Actual result:
--------------
This is the actual output of the script on

my system:



500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

Segmentation fault




------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=54055&edit=1

Reply via email to