Fleximus Blog

  

This release resolves a critical security issue where the PHP interpreter can hang on a string to double conversion if x87 FPU registers are internally used. This DoS vulnerability is reported as PHP bug #53632 and CVE-2010-4645.

To verify if your system is also affected, you can use this script and execute it from the command line:

<?php
/\* +----------------------------------------------------------------------+
   | PHP Version 5                                                        |
   +----------------------------------------------------------------------+
   | Copyright (c) 2011 The PHP Group                                     |
   +----------------------------------------------------------------------+
   | This source file is subject to version 3.01 of the PHP license,      |
   | that is bundled with this package in the file LICENSE, and is        |
   | available through the world-wide-web at the following url:           |
   | http://www.php.net/license/3_01.txt                                  |
   | If you did not receive a copy of the PHP license and are unable to   |
   | obtain it through the world-wide-web, please send a note to          |
   | license@php.net so we can mail you a copy immediately.               |
   +----------------------------------------------------------------------+
   | Author: Johannes Schlueter <johannes@php.net>                        |
   +----------------------------------------------------------------------+
\*/

if (PHP_SAPI != 'cli') {
    die("Please run this test from CLI!\n");}

ini_set('display_errors', 1);
ini_set('output_buffering', 0);
error_reporting(-1);
if (!ini_get('safe_mode')) {
    set_time_limit(1);
}

echo "Testing float behaviour. If this script hangs or terminates with an error ".
     "message due to maximum execution time limit being reached, you should ".
     "update your PHP installation asap!\n";
echo "For more information refer to <http://bugs.php.net/53632>.\n";
$d = (double)"2.2250738585072011e-308";
echo "Your system seems to be safe.\n";
?>
PHP