php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #9297 sprintf ("%f", $foo) crashes with very large $foo.
Submitted: 2001-02-16 10:34 UTC Modified: 2001-06-12 17:15 UTC
From: ben at bpeter dot org Assigned:
Status: Closed Package: Strings related
PHP Version: 4.0.4pl1 OS: RH Linux 7.0, i386
Private report: No CVE-ID: None
 [2001-02-16 10:34 UTC] ben at bpeter dot org
[ben@home ben]$ echo '<? $foo = 2.2864849511949E+190; settype($foo,"double"); printf("%f\n", $foo) ?>' | php 
X-Powered-By: PHP/4.0.4pl1
Content-type: text/html

2286484951194899000000000000000000000000000000000000000000000000000000000000000
Segmentation fault (core dumped)


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-04-30 09:17 UTC] andi@php.net
Can you please try the latest CVS or a snapshot from snaps.php.net and let us know if this still happens. I can't reproduce it on redhat 6.2.
Thanks.
 [2001-04-30 09:52 UTC] cmv@php.net
Works fine for me (RH7 and latest CVS):

[cmv@sunniva cmv]$ echo '<? $foo = 2.2864849511949E+190; settype($foo,"double"); printf("%fn", $foo) ?>' | php 
X-Powered-By: PHP/4.0.6-dev
Content-type: text/html

2286484951194899000000000000000000000000000000000000000000000000000000000000000n[cmv@sunniva cmv]
 [2001-05-22 01:04 UTC] derick@php.net
It does something strange for me:

[root@mars lib]# /usr/local/bin/php -q
<? $foo = 2.2864849511949E+190;
settype($foo,"double"); printf("%f\nn", $foo) ?>



2286484951194899000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000022864849511948990000000000000000000000000000000000000000000000000000000000000000.

This is with 4.0.6-dev (latest CVS (22/05/2001)).

Derick
 [2001-06-12 17:15 UTC] sniper@php.net
It does not crash with PHP 4.0.6RC3:

http://www.php.net/~andi/php-4.0.6RC3.tar.gz

--Jani

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 02 15:01:29 2024 UTC