Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:66752
Return-Path: <ab@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 13731 invoked from network); 22 Mar 2013 10:34:55 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 22 Mar 2013 10:34:55 -0000
Authentication-Results: pb1.pair.com smtp.mail=ab@php.net; spf=unknown; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=ab@php.net; sender-id=unknown
Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 85.214.73.107 as permitted sender)
X-PHP-List-Original-Sender: ab@php.net
X-Host-Fingerprint: 85.214.73.107 klapt.com  
Received: from [85.214.73.107] ([85.214.73.107:39028] helo=h1123647.serverkompetenz.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id DF/21-32001-CC33C415 for <internals@lists.php.net>; Fri, 22 Mar 2013 05:34:53 -0500
Received: by h1123647.serverkompetenz.net (Postfix, from userid 33)
	id 599E16FCBEC; Fri, 22 Mar 2013 11:34:49 +0100 (CET)
Received: from 188.110.57.176
        (SquirrelMail authenticated user anatol@belski.net)
        by webmail.klapt.com with HTTP;
        Fri, 22 Mar 2013 11:34:49 +0100
Message-ID: <271fce1b580082a7dfd686682902cdcc.squirrel@webmail.klapt.com>
In-Reply-To:
 <CA+9eiLs8tQ7YJx099sE-Byxgz6HNXoA6xNjsOHCo1MctuRYQrw@mail.gmail.com>
References: <56994bc16a23a22f5e1b71c94b792dce.squirrel@webmail.klapt.com>
    <CA+9eiLu3XjHA_-2cPMCOx0NyvZ+gg15RAvbnHTSpUsoRdMZwjw@mail.gmail.com>
    <CA+9eiLt_WaH=cOJCS2xi0Z9iAkunSEjRjEf3ThCBHYw-cnaBNg@mail.gmail.com>
    <edc2ace420bf45c9f1a9d9a5fd2b4069.squirrel@webmail.klapt.com>
    <CA+9eiLs8tQ7YJx099sE-Byxgz6HNXoA6xNjsOHCo1MctuRYQrw@mail.gmail.com>
Date: Fri, 22 Mar 2013 11:34:49 +0100
To: "Dmitry Stogov" <dmitry@zend.com>
Cc: "internals" <internals@lists.php.net>,
 "Rasmus Lerdorf" <rasmus@lerdorf.com>
Reply-To: ab@php.net
User-Agent: SquirrelMail/1.5.2 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=UTF-8
Content-Transfer-Encoding: 8bit
Subject: Re: [PHP-DEV] Re: Fix for #64450
From: ab@php.net ("Anatol Belski")

On Fri, March 22, 2013 10:08, Dmitry Stogov wrote:
> Thanks, now I understood. :)
>
>
> anyway I see a problem. For example on x86_64 double is not always able
> to keep a long number without precision lost. May be you should receive
> arguments as zvals and use old or new code depending on input types.

Damn that's right, I've just read this page
http://www.viva64.com/en/a/0004/#ID0EQ3BI

double is on both x64 and x86 64 bit, but effectively 52 bits used for the
integer part. My patch would work on 32 bit Linux and both x86 and x64
windows, but would fail on x64 Linux/unix systems. I have to come up with
a better solution to do this check on compile or (more likely) on run
time.

>
> BTW: I'm not sure if rand() should be fixed at all.
> According to http://php.net/manual/en/function.rand.php it should accept
> integers and return integer.

Yep, formally it's documented. De facto users meet that issue and that
could indeed be made better, that's my motivation.

Thanks for the tips.

Anatol


> Thanks. Dmitry.
>
>
> On Fri, Mar 22, 2013 at 12:08 PM, Anatol Belski <ab@php.net> wrote:
>
>
>> Dmitry,
>>
>>
>> first of all thanks for taking a look :)
>>
>> The issue in a few words
>> - mt_rand reads arguments as long
>> - user pass a float from the userspace
>> - zend_parse_parameters with 'l' casts to long
>>
>>
>> Here's the essential snippet
>> echo mt_rand(0,pow(10,12)); PHP Warning:  mt_rand(): max(-727379968) is
>> smaller than min(0)
>>
>> So reading as long would probably not work, in the first place because
>> the input data exceeding LONG_MAX will be corrupted by the conversion.
>> So what
>> I did
>> - read input as max precision possible, no corruption
>> - calculate as well with double
>> - return the old way int if it's in LONG_MAX range, otherwise return
>> float
>>
>> Is there a solution I don't see (or do I get your suggestion wrong)?
>> It's
>> just essential to get the input as precise as it can be across PHP.
>>
>> Besides that what could be impacts changing input arg types in this
>> concrete case? User probably wouldn't realize that at all.
>>
>> Thanks
>>
>>
>> Anatol
>>
>>
>> On Fri, March 22, 2013 07:40, Dmitry Stogov wrote:
>>
>>> Hi Anatol,
>>>
>>>
>>>
>>> To be honest, I didn't understand all the details of the patch :)
>>>
>>>
>>>
>>> However, I see a problem:
>>> You changed the prototype of user level rand() function to receive
>>> double arguments instead of long. I think it's disallowed, but you may
>>> get arguments as longs and then convert them to double. Will it work?
>>>
>>>
>>> Thanks. Dmitry.
>>>
>>>
>>>
>>> On Thu, Mar 21, 2013 at 9:26 PM, Dmitry Stogov <dmitry@zend.com>
>>> wrote:
>>>
>>>
>>>
>>>> I'll able to look only tomorrow morning.
>>>>
>>>>
>>>>
>>>> Thanks. Dmitry.
>>>>
>>>>
>>>>
>>>>
>>>> On Thu, Mar 21, 2013 at 8:46 PM, Anatol Belski <ab@php.net> wrote:
>>>>
>>>>
>>>>
>>>>> Hi Dmitry,
>>>>>
>>>>>
>>>>>
>>>>> I developed a patch for this one
>>>>> https://bugs.php.net/bug.php?id=64450 .
>>>>> It's regarding to the long overflow in mt_rand(). The main idea is
>>>>> to work with the args as double internally and then return php
>>>>> float if it exceeds the LONG_MAX. I strived to let the old
>>>>> behavior to be unchanged, all the older tests pass. Please take a
>>>>> look.
>>>>>
>>>>> Regards
>>>>>
>>>>>
>>>>>
>>>>> Anatol
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>