PHP Floating Point Bug may Crash Servers

A newly identified bug in certain versions of the PHP scripting language could crash servers when the software is given the task of converting a large floating point number. This may even raise the possibility that hackers may exploit this glitch.

According to information, the bug will cause the PHP processing software to enter an infinite loop when it attempts to convert the series of digits “2.2250738585072011e-308” from the string format into the floating point format.

The bug currently appears to be affecting only versions 5.2 and 5.3 running on Intel 32-bit CPUs that use the x87 instruction set.

In order to fix the bug, users are advised to download patches for those versions and recompile PHP with additional flags for handling floating point digits.

It is suspected that malicious users may be in a position to feed the number to a PHP processor through the ‘GET’ function, which could lead to the server crashing. This, however, has not been confirmed.

Enjoyed this article? Submit your email to receive daily news and updates.

***You must click confirmation link sent in email. If you don't see the email, check spam folder.

Filed in: News, Security Tags: , ,

Leave a Reply

Submit Comment

© 2022 Tech Readers. Reproduction without explicit permission is prohibited. All Rights Reserved. XHTML / CSS Valid.