|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33227 zend_strtod() broken on big-endian arm
Submitted: 2005-06-03 03:44 UTC Modified: 2005-06-11 01:00 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: jbparsons at ucdavis dot edu Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 5.0.4 OS: "unslung" -
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: jbparsons at ucdavis dot edu
New email:
PHP Version: OS:


 [2005-06-03 03:44 UTC] jbparsons at ucdavis dot edu
On big-endian arm systems, php sometimes crashes (infinite loop) inside zend_strtod().

The problem seems to be the code at line 261 of zend_strtod.c, which apparently assumes that every arm system has little-endian integers:

#if defined(IEEE_LITTLE_ENDIAN) + defined(VAX) + defined(__arm__)
#define Storeinc(a,b,c) (((unsigned short *)a)[1] = (unsigned short)b, \
((unsigned short *)a)[0] = (unsigned short)c, a++)
#define Storeinc(a,b,c) (((unsigned short *)a)[0] = (unsigned short)b, \
((unsigned short *)a)[1] = (unsigned short)c, a++)

Reproduce code:
echo "start";
if ("79e88e6db0c25ca1ee5e2aac35a24d6c"
== "79e88e6db0c25ca1ee5e2aac35a24d6c")
echo "passed";
echo "end";

Expected result:

Actual result:
(gdb) run
Starting program: /share/hdd/data/home/jp30/t/php foo.php

  [...minutes pass, then Ctrl-C is pressed...]

Program received signal SIGINT, Interrupt.
0x00146528 in zend_strtod ()
(gdb) bt
#0  0x00146528 in zend_strtod ()
Cannot access memory at address 0x4


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-06-03 08:05 UTC]
See lines 126-133 in zend_strtod.c

 [2005-06-11 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2007-01-23 01:29 UTC] terry dot s dot duncan at intel dot com
Lines 126-133 indicate that the CPU is little endian. Not necessarily true. The CPU can be configured either way. If configured BE, the Storeinc() macro is not correct. I ran into this using unserialize() with this value... d:134.11045074462890625
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Wed Mar 29 20:03:46 2023 UTC