registry team mailing list archive

[Paul Sladen <ubuntu@xxxxxxxxxxxxxxx>]

*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: php5

Processing certain textual forms of MAX_FLOAT leads to an infinite
loop/hang/DoS:

  php -r "print 2.2250738585072011e-308;"

hangs indefinitely, whereas:

  php -r "print 2.2250738585072010e-308;"

returns immediately.

Confirmed for natty/php5-cli=5.3.3-1ubuntu11

** Affects: php
     Importance: Unknown
         Status: Unknown

** Affects: php5 (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** Bug watch added: bugs.php.net/ #53632
   http://bugs.php.net/bug.php?id=53632

** Also affects: php via
   http://bugs.php.net/bug.php?id=53632
   Importance: Unknown
       Status: Unknown

** Description changed:

  Binary package hint: php5
  
  Processing certain textual forms of MAX_FLOAT leads to an infinite
  loop/hang/DoS:
  
-   php -r "print 2.2250738585072011e-308;"
+   php -r "print 2.2250738585072011e-308;"
  
  hangs indefinitely, whereas:
  
-   php -r "print 2.2250738585072010e-308;"
+   php -r "print 2.2250738585072010e-308;"
  
  returns immediately.
+ 
+ Confirmed for natty/php5-cli=5.3.3-1ubuntu11

-- 
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for php.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308