PHP :: Bug #55393 :: base_convert makes negative numbers positive

Bug #55393

base_convert makes negative numbers positive

Submitted:

2011-08-10 18:20 UTC

Modified:

2021-09-21 12:00 UTC

Votes:	8
Avg. Score:	3.5 ± 1.2
Reproduced:	6 of 6 (100.0%)
Same Version:	1 (16.7%)
Same OS:	3 (50.0%)

From:

phpbugs at ch dot pkts dot ca

Assigned:

cmb (profile)

Status:

Closed

Package:

Math related

PHP Version:

Irrelevant

OS:

Linux

Private report:

CVE-ID:

None

View Developer Edit

[2011-08-10 18:20 UTC] phpbugs at ch dot pkts dot ca

Description:
------------
I'd created a fake email code fragment:
  e-mail: foo.<?php echo base_convert(time(),10,36).".".base_convert(ip2long($_SERVER['REMOTE_ADDR']),10,36) ?>@mydomain.com

However, long2ip(base_convert("cxcapb",36,10)) gave the wrong answer (should be 209.105.205.209, got 46.150.50.47)

It turns out that base_convert(...,10,36) should have returned -cxcapb instead of cxcapb, since ip2long("209.105.205.209") = -781595183 and ip2long("46.150.50.47") = 781595183.

At this point, I'm not sure if there's legions of programs that work around this bug and would be broken by a fix.

Test script:
---------------
$a=base_convert(-781595183,10,36);
if (base_convert($a,36,10) != -781595183) { echo "fail\n"; } else { echo "success\!"; }


Expected result:
----------------
success!

Actual result:
--------------
fail

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-12-14 18:32 UTC] ffeast at gmail dot com

Hi

There's a simpler example:
php -r 'print(base_convert(-5, 10, 2));'
101

So '-' is omitted. 

$ php -v
PHP 5.5.9-1ubuntu4.4 (cli) (built: Sep  4 2014 06:57:30) 
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
    with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies

uname -a
Linux Oleg 3.13.0-34-generic #60-Ubuntu SMP Wed Aug 13 15:49:09 UTC 2014 i686 i686 i686 GNU/Linux


This is why it happens: 
https://github.com/php/php-src/blob/php-5.5.9/ext/standard/math.c#L869

any char except '0'..'9', 'a'..'z', 'A'..'Z' is simp
ly left out without warnings :-(

[2018-02-28 20:00 UTC] cmb@php.net

-Package: Unknown/Other Function +Package: Math related

[2019-07-11 20:22 UTC] Scott at exussum dot co dot uk

This has been voted against and can be closed now https://wiki.php.net/rfc/base_convert_improvements

The 64 bit version of PHP will solve this issue

[2021-09-21 12:00 UTC] cmb@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb

[2021-09-21 12:00 UTC] cmb@php.net

Indeed, there is a warning as of PHP 7.4.0[1], and it is clearly
documented that invalid characters are ignored[2].

[1] <https://3v4l.org/5jdrP>
[2] <https://www.php.net/manual/en/function.base-convert.php#refsect1-function.base-convert-parameters>

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat Jul 12 10:01:33 2025 UTC