PHP :: Bug #26381 :: rand() without srand() doesn't work with certain php.ini

Bug #26381

rand() without srand() doesn't work with certain php.ini

Submitted:

2003-11-24 08:21 UTC

Modified:

2004-01-26 20:00 UTC

Votes:	2
Avg. Score:	2.5 ± 0.5
Reproduced:	1 of 2 (50.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

spam at vrana dot cz

Assigned:

Status:

Closed

Package:

Scripting Engine problem

PHP Version:

4CVS-2003-12-7

OS:

win32 only

Private report:

CVE-ID:

None

View Developer Edit

[2003-11-24 08:21 UTC] spam at vrana dot cz

Description:
------------
Function rand() without setting random seed by srand() returns always the same value. It doesn't work only on Windows PHP-CLI. As Windows Apache module and also on Linux PHP-CLI it works as it should.

Reproduce code:
---------------
echo rand();

Expected result:
----------------
(random value)

Actual result:
--------------
24849

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-12-02 10:57 UTC] spam at vrana dot cz

I can't believe myself, the problem is caused by something completely different. I discovered that the problem occurs only under this circumstances:

1. Lines in php.ini file ends by CRLF.

2. Windows Extensions part in php.ini is longer than 503 characters (including new-lines).

I don't know what is it but it looks like buffer overflow or something like that. So the problem is probably in   php-src/main/php_ini.c or somewhere near.

[2003-12-02 17:11 UTC] sniper@php.net

We need the php.ini file causing the problems.

[2003-12-03 03:31 UTC] spam at vrana dot cz

It behaves like that with php.ini-dist. It doesn't with php.ini-recommended. If I remove part Dynamic Extensions in php.ini-dist, it disappears. I mean part from

;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;

to

;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;

You know that everything is commented in this part in php.ini-dist.

[2003-12-07 13:54 UTC] sniper@php.net

Indeed, this does happen with the php.ini-dist..
but doesn't if you do 'php -n' (no ini file)

[2004-01-19 14:04 UTC] sniper@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

[2004-01-20 03:47 UTC] spam at vrana dot cz

I'm curious where the problem was. Can you please tell me?

[2004-01-26 20:00 UTC] sniper@php.net

http://cvs.php.net/diff.php/php-src/ext/standard/basic_functions.c?r1=1.543.2.29&r2=1.543.2.30&ty=u

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Dec 22 03:01:28 2024 UTC