PHP Hangs On Numeric Value 2.2250738585072011e-308

EnderMB · January 4, 2011, 2:11pm

Has anyone read this yet? Apparently it’s quite serious and I’ve managed it replicate it on my local machine.

http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/
http://www.reddit.com/r/programming/comments/evtrq/php_hangs_on_numeric_value_22250738585072011e308/

AnthonySterling · January 4, 2011, 2:36pm

Yeah, I popped up a couple of tweets (here, [URL=“http://twitter.com/AnthonySterling/status/22225202964340736”]here and [URL=“http://twitter.com/AnthonySterling/status/22262184604082176”]here) about it this morning. The [URL=“http://bugs.php.net/bug.php?id=53632”]bug report seems to indicate 64bit systems are fine though, will confirm tonight.

As expressed in this reply to Rasmus Lerdorf’s [URL=“http://twitter.com/rasmus/status/22226334654664705”]tweet to me, I do worry how shared hosting folk will be affected by this.

It crashed my Windows dev box (admittedly my fault) when I was testing this bug as it completely consumed the CPU, I had to fill a nice report in for that to Head Office!

This is the code I used:


<?php

#?boom=2.2250738585072011e-308

echo isset($_GET['boom']) ? (float)$_GET['boom'] : 0 ;
/*
  Hangs
*/

The ExploringBinary post is an excellent overview and well worth a read, including the comments.

EnderMB · January 5, 2011, 9:53am

Well, apparently the bug has been found and it is possible to fix the bug itself and to patch your own servers to stop this from happening, but sadly this news won’t reach the vast majority of developers and there may be a lot of websites out there that could be targeted if they’re handling floating-point numbers in their form fields as GETs.

zalucius · January 5, 2011, 10:39am

Im running om Windows Vista Business 64bit, and managed to crash my XAMPP running PHP Version 5.3.1

How it crashed:
?kat=2.2250738585072011e-308

in the code I have this check:

if(is_numeric($_GET['kat']))

EnderMB · January 5, 2011, 10:50am

zalucius:

Im running om Windows Vista Business 64bit, and managed to crash my XAMPP running PHP Version 5.3.1

How it crashed:
?kat=2.2250738585072011e-308

in the code I have this check:
if(is_numeric($_GET['kat'])) 

I assume that’s because you’re running a 32bit version of Apache.

zalucius · January 5, 2011, 11:07am

That might be the case… it is just a simple XAMPP install.

mmarif4u · January 5, 2011, 11:14am

All is well here. 5.3.3(cli), 64bit, LAMP.

aircraft24 · January 6, 2011, 4:28pm

We have slapped together a quick workaround that prevents malicious DoS attacks with this mechanism.

Code can be found here:

http://www.aircraft24.com/en/info/php-float-dos-quickfix.htm

Rafi