PHP Floating Point Bug may Crash Servers

A newly identified bug in certain versions of the PHP scripting language could crash servers when the software is given the task of converting a large floating point number. This may even raise the possibility that hackers may exploit this glitch.

According to information, the bug will cause the PHP processing software to enter an infinite loop when it attempts to convert the series of digits “2.2250738585072011e-308″ from the string format into the floating point format.

The bug currently appears to be affecting only versions 5.2 and 5.3 running on Intel 32-bit CPUs that use the x87 instruction set.

php logo 300x158 PHP Floating Point Bug may Crash Servers

In order to fix the bug, users are advised to download patches for those versions and recompile PHP with additional flags for handling floating point digits.

It is suspected that malicious users may be in a position to feed the number to a PHP processor through the ‘GET’ function, which could lead to the server crashing. This, however, has not been confirmed.

Filed Under: NewsSecurity

Tags: , ,

Leave a Reply

If you want a picture to show with your comment, go get a Gravatar.