|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #3062 dechex doesn't handle negative numbers
Submitted: 1999-12-28 21:40 UTC Modified: 2005-03-30 09:02 UTC
Avg. Score:1.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: anderson at metrolink dot com Assigned:
Status: Wont fix Package: Misbehaving function
PHP Version: 3.0.12 OS: FreeBSD
Private report: No CVE-ID: None
 [1999-12-28 21:40 UTC] anderson at metrolink dot com
The function dechex() can be passed a negative number, which will
create a negative index into a static array. This was discoverd when trying to manipulate IP addresses represented by integers. Any IP that has a first octet >127 will cause this to happen. Since integers are signed, I wonder what other areas might have a similar problem when trying to manipulate IP addresses in this way.

Simple Example:


This fix seems to correct this instance of the problem, but I fear that there could possibly be undesirable side effect of doing this.

*** php-3.0.12/functions/math.c Thu Apr 22 09:19:50 1999
--- php/functions/math.c        Tue Dec 28 21:16:08 1999
*** 424,430 ****
        static char digits[] = "0123456789abcdefghijklmnopqrstuvwxyz";
        char *result, *ptr, *ret;
        int len, digit;
!       long value;
        if (arg->type != IS_LONG || base < 2 || base > 36) {
                return empty_string;
--- 424,430 ----
        static char digits[] = "0123456789abcdefghijklmnopqrstuvwxyz";
        char *result, *ptr, *ret;
        int len, digit;
!       unsigned long value;
        if (arg->type != IS_LONG || base < 2 || base > 36) {
                return empty_string;


Pull Requests


AllCommentsChangesGit/SVN commitsRelated reports
 [1999-12-31 05:34 UTC] anderson at metrolink dot com
I also noticed that

PHPAPI void convert_to_long_base(pval *op, int base)

uses strtol() instead of strtoul(), which also contributes to my difficulty.

$ip=0xffffffff doesn't equal -1, but $ip=~0 does.

Perhaps I'm just trying to do something that isn't supposed to work, but
the results are clertainly not intuitive.
 [2005-03-30 09:02 UTC]
We are sorry, but we can not support PHP 3 related problems anymore.
Momentum is gathering for PHP 5, and we think supporting PHP 3 will
lead to a waste of resources which we want to put into getting PHP 5
ready. Of course PHP 4 will continue to be supported for the
forseeable future.

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Sep 18 21:01:26 2024 UTC