PHP Hangs When Fed 2.2250738585072011e-308

External Link: PHP Hangs When Fed 2.2250738585072011e-308

A pretty horrible bug: when you assign the number 2.2250738585072011e-308 to a variable, PHP will hang on Linux or Windows 32-bit builds of PHP. This affects $_GET and $_POST variables as well, and as such could be exploitable on some PHP sites.

So, for example, the following code will hang PHP:

$var = 2.2250738585072011e-308;

Or, if a page is given a GET parameter like page.php?param=2.2250738585072011e-308, either of these lines will hang:

$var = $_GET['param'] + 1;
//OR
$var = (double)$_GET['param'];
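
A stopgap request filter for an affected build, as an added example that is not part of the original post: it rejects the input using string functions only, since converting the parameter to a number is what hangs. The function names are hypothetical, and matching spellings of the value with a shifted decimal point is an assumption that goes beyond the single literal shown above.

```php
<?php
// Added example, not from the original post. Names are hypothetical.
// Written without type declarations so it also runs on old PHP builds.

// Significant digits of the value from the post, with dot and exponent removed.
define('HANG_DIGITS', '22250738585072011');

// True if $value (a string, or a nested array of strings as PHP builds for
// param[]=... inputs) contains the digit run. Only string functions are used:
// casting or doing arithmetic on the input is exactly what hangs.
function contains_hang_value($value)
{
    if (is_array($value)) {
        foreach ($value as $item) {
            if (contains_hang_value($item)) {
                return true;
            }
        }
        return false;
    }
    if (!is_string($value)) {
        return false;
    }
    // Dropping dots lets one substring test cover a shifted decimal point.
    return strpos(str_replace('.', '', $value), HANG_DIGITS) !== false;
}

// Reject the request before any page code touches the parameters.
function reject_if_hang_value($sources)
{
    foreach ($sources as $source) {
        if (contains_hang_value($source)) {
            header('HTTP/1.1 400 Bad Request');
            exit("Bad Request\n");
        }
    }
}

reject_if_hang_value(array($_GET, $_POST));

// Constructed inputs for a quick check of the filter from the command line.
var_dump(contains_hang_value('2.2250738585072011e-308'));        // the post's literal
var_dump(contains_hang_value(array(array('22.250738585072011e-309')))); // assumed variant, nested
var_dump(contains_hang_value('2.5e-308'));                        // ordinary small float
```

The filter errs toward false positives: any input containing that digit run is refused, numeric or not. Other request sources that page code converts to numbers can be added to the array passed to reject_if_hang_value().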

More debate available on http://news.ycombinator.com/item?id=2066084
