php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46587 mt_/rand produce out of range numbers when min = 0 and max > get_randmax
Submitted: 2008-11-17 02:50 UTC Modified: 2010-11-23 14:09 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: atomo64 at gmail dot com Assigned: iliaa (profile)
Status: Closed Package: Math related
PHP Version: 5.2.6 OS: Debian sid
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: atomo64 at gmail dot com
New email:
PHP Version: OS:

 

 [2008-11-17 02:50 UTC] atomo64 at gmail dot com
Description:
------------
Whenever min is set to 0 and max is set to anything greater than 
getrandmax (or the mt_ version) the returned PRN is always (despite 
the upper limit check in the example code) a number minor than 0.

Reproduce code:
---------------
define("UL", mt_getrandmax()+1000);
$r=mt_rand(0, UL);
if ($r < 0 || $r > UL)
echo "Random value out of range\n";

Expected result:
----------------
No output

Actual result:
--------------
Random value out of range

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-03-09 14:06 UTC] mmcnickle at gmail dot com
The problem is that there is an integer overflow on UL:

------------
<?php
define('UL',mt_getrandmax() + 1000);
var_dump(UL, (int)UL);
------------

will produce
------------
float(2147484647)
int(-2147482649)
------------

The $min and $max parameter names on mt_rand() (and rand()) are misleading, as $min can be larger than $max and mt_rand will produce a correct value between $min and $max.

In the bug example, the expected result is returned: a random value between -2147482649 and 0.

If you want to change the integer overflow behaviour, it would be best to do a check using mt_getrandmax() in the PHP code:

<?php
$max = mt_getrandmax() + 1000;

if ($max > mt_getrandmax()) {
    $max = mt_getrandmax();
}
$r = mt_rand(0, $max); // $r is now a number between 0 and mt_getrandmax()
 [2010-11-23 14:09 UTC] iliaa@php.net
Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=305692
Log: Fixed bug #46587 (mt_rand() does not check that max is greater than min).
 [2010-11-23 14:09 UTC] iliaa@php.net
-Status: Assigned +Status: Closed -Assigned To: pajoye +Assigned To: iliaa
 [2010-11-23 14:09 UTC] iliaa@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2010-11-25 17:44 UTC] cataphract@php.net
Automatic comment from SVN on behalf of cataphract
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=305754
Log: - Fixed bug #53403 (use of unitialized values). Fixes the fix for bug #46587.
- Added test for bug #46587.
 [2011-01-27 13:50 UTC] belov1985 at gmail dot com
Arr.. I use this feature five years!! ]:->

mt_rand(0, 10) - works, but mt_rand(10, 0) - why no? it's great, that there is no need to check min & max...

WBR, Konstantin
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 06 07:01:29 2024 UTC