Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:113346 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 39592 invoked from network); 3 Mar 2021 14:14:05 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 3 Mar 2021 14:14:05 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 20303180504 for ; Wed, 3 Mar 2021 06:04:36 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com [209.85.167.44]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Wed, 3 Mar 2021 06:04:35 -0800 (PST) Received: by mail-lf1-f44.google.com with SMTP id p21so37219277lfu.11 for ; Wed, 03 Mar 2021 06:04:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=HIs1YBq7dOSNzeRwAZSfRb5eiNOnTW9tti4DJ04rjNk=; b=FLMwEiUyOJdSY4A+a/u80ly8mCUOxfjsEzFRllE5dms8kRSLoDicypUa0oqttvzg/h pkgGFyyuHMeTBNKf5cKzyLTEX9wcjhaPO9BLeDiC4IMEEaciF/TpadMeJbYIgpWOerHe 0CZ/H8kpqXJpzu8kP/BR23ep6CS723K0odqgM5VbodQuTA6WvL23ja7C9iPn1n6uDUZD fdLcyQDgOCP3iCrLf7xLHyx8aG7DBgowAbkkAjSqttNUPjntZbzYv39cwS9vgiSAnAIW RDf7SCUqwh6w3ecEQSdVqhAAZ6tNqkyA2pRlxNk42JtJYiIJS4y41AfRM7DvqjpM09vU hpSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=HIs1YBq7dOSNzeRwAZSfRb5eiNOnTW9tti4DJ04rjNk=; b=bOyN5fC5Okk5a/FpkH0Kz9WhsJ6AYhfcpowQ79EUt0b0kKkLMWkqsiYSEWJLpIGlMP pTWzD0UqLbIACF75bKhMVj6jrQKICMK/sTgAzrJlZIKOBkLpqR1+7p/O2WJvWpQ0NrHC xvHgx7M+aiaZayYGo4YLD3y0IS6/OyTxZ4BDSKWida+UJzBTkCEwcHunvZfI/OUtHzXF vaoM4C9ka9HUMzDgS29cD4KNWdWYR9rSdKCFkrJKnBITdGARXgPridiNwNYRyK84a+6S hSMiCmdaMFEW/hm6c7aNwGVRhB78ifpuWyB83B0yj7qEAGe2+B3GQpEY3qLtGf0KLLl8 M79Q== X-Gm-Message-State: AOAM531vLVpLH56phZI/DCgAv1kgtlYJ9DIqW/J4DbWPU3YfvB7BZxnP 06bvBo6X63HdQEjGzCAvNZRUOKq3V5BKQkO33ubvxdbiKh6S6A== X-Google-Smtp-Source: ABdhPJz6OB0ju49s0Sk7L2a80MW/NDxA4wlOqE41aVNGsezLHnorOiGstfLOB7+HhrstsnQuUB77w+SbHqvi7mMCK7Q= X-Received: by 2002:a05:6512:3a86:: with SMTP id q6mr16081687lfu.286.1614780271753; Wed, 03 Mar 2021 06:04:31 -0800 (PST) MIME-Version: 1.0 Date: Wed, 3 Mar 2021 15:04:15 +0100 Message-ID: To: PHP internals Content-Type: multipart/alternative; boundary="0000000000007d008405bca25498" Subject: Don't compare zero exponentials in strings as equal From: nikita.ppv@gmail.com (Nikita Popov) --0000000000007d008405bca25498 Content-Type: text/plain; charset="UTF-8" Hi internals, PHP's == comparison semantics for strings have a peculiar edge-case, where comparisons of the form "0e123" == "0e456" return true, because they are interpreted as floating point zero numbers. This is problematic, because strings of that form are usually not numbers, but hex-encoded hashes or similar. I'm wondering if it may make sense to special-case the comparison semantics to not consider strings of the form "0e[DIGITS]" equal, unless they are exactly equal (i.e., fall back to lexicographical if both sides of the comparison are zero exponentials). Here's a possible implementation: https://github.com/php/php-src/pull/6749 Of course, the usual rule that you should always use === still holds, but this at least eliminates the most dangerous edge case. Regards, Nikita --0000000000007d008405bca25498--