Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:61445
Return-Path: <nikita.ppv@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 79134 invoked from network); 18 Jul 2012 22:39:25 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 18 Jul 2012 22:39:25 -0000
Authentication-Results: pb1.pair.com smtp.mail=nikita.ppv@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=nikita.ppv@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.170 as permitted sender)
X-PHP-List-Original-Sender: nikita.ppv@gmail.com
X-Host-Fingerprint: 209.85.217.170 mail-lb0-f170.google.com  
Received: from [209.85.217.170] ([209.85.217.170:41751] helo=mail-lb0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id B7/56-46800-C1B37005 for <internals@lists.php.net>; Wed, 18 Jul 2012 18:39:25 -0400
Received: by lbgc1 with SMTP id c1so3125672lbg.29
        for <internals@lists.php.net>; Wed, 18 Jul 2012 15:39:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=Z0sRswL7e47JsFRbfg4p7hvJzRIOQ7vw+OKKq8svkmk=;
        b=z9/AB/r4qnSO7RzZfbBpmlNSmBqfHMubjDWxI4FbNcvDtaf3iD5/mOnfaOpI5t0I5d
         ZHi/OHBU6ieSeU4/aCthPcCUVoOw1JmHKAhZ56mwkwaz7wVRQ6+DYiJ5VoBFfN23g1wg
         PHIJwtMz8Fgc0KWsUuJdM3iK7xtpqSLeT7DjEvnRiQlsBB8JokNksxTW5vX8f0+bXFxG
         KOi2zr7TkjAQz6BPWZx4iIZc9YWZlhKJkQCJc1zupYfOwlsGTvJMt5k5PCxb5s1A/Nl2
         oLnt0aPnLcrcOOV+mzjdoFxDmZxr7TBDnXrMMm6WVoOL06BfM2sztDWIcKdxZOjpf+3G
         nu2A==
MIME-Version: 1.0
Received: by 10.152.132.40 with SMTP id or8mr5474889lab.24.1342651161356; Wed,
 18 Jul 2012 15:39:21 -0700 (PDT)
Received: by 10.152.114.70 with HTTP; Wed, 18 Jul 2012 15:39:21 -0700 (PDT)
Date: Thu, 19 Jul 2012 00:39:21 +0200
Message-ID: <CAF+90c-8CENDFSsF=D3ag1s5yvhWvuedUzjwmPPDbTTXyETk8g@mail.gmail.com>
To: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset=ISO-8859-1
Subject: Integer overflows on float to int casts
From: nikita.ppv@gmail.com (Nikita Popov)

Hi internals!

When a large floating point number is cast to an integer we currently
have very low-level C behavior (integer overflow and wraparound):

$ /c/php-5.4.1/php -r 'var_dump((int) 4000000000);'
int(-294967296)

$ /c/php-5.4.1/php -r 'var_dump((int) 6000000000);'
int(1705032704)

As a fun fact, if you do the same thing with a string float the number
if clipped instead of wrapped:

$ /c/php-5.4.1/php -r 'var_dump((int) "4000000000");'
int(2147483647)

This also applies to zend_parse_parameters. l arguments are wrapped, L
arguments are clipped.

In my eyes this kind of behavior has nothing to do in PHP. PHP is a
high-level language, it shouldn't exhibit low-level stuff like integer
overflows and wraparound.

I think that at least for zend_parse_parameters this should be
changed. Overflowing float parameters should not be accepted. Instead
throw the usual E_WARNING and return FAILURE.

I'm not sure though what one should do about the explicit (int) cast.
My preference would be to throw a notice and use the clipping
behavior.

Thoughts?

Nikita