Edit report at https://bugs.php.net/bug.php?id=60337&edit=1
ID: 60337 Updated by: s...@php.net Reported by: s...@php.net Summary: bcscale related problem on 64bits platforms -Status: Assigned +Status: Closed Type: Bug Package: BC math related PHP Version: trunk-SVN-2011-11-19 (SVN) Assigned To: shm Block user comment: N Private report: N New Comment: fixed in svn Previous Comments: ------------------------------------------------------------------------ [2011-11-19 12:46:32] s...@php.net Automatic comment from SVN on behalf of shm Revision: http://svn.php.net/viewvc/?view=revision&revision=319546 Log: - Fixed bug #60337 bcscale related crashed on 64bits platforms ------------------------------------------------------------------------ [2011-11-19 12:35:54] s...@php.net Description: ------------ bcscale uses long typed variable to store scale passed further to bclib calls. Unfortunately bclib uses int type for scale parameter, thus large long numbers (which uses 8 bytes on 64 bits platforms) could be casted to negative number and cause memory corruption as a result of pointer arithmetic with scale param. Test script: --------------- <?php $var48 = bcscale(634314234334311); $var67 = bcsqrt(false); $var414 = bcadd(false,null,10); die('ALIVE'); ?> Expected result: ---------------- ALIVE Actual result: -------------- $ php <?php $var48 = bcscale(634314234334311); $var67 = bcsqrt(false); $var414 = bcadd(false,null,10); die('ALIVE'); ?>^D Segmentation fault: 11 (core dumped) ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=60337&edit=1
