Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit d17ed34

Browse files
Fixed GH-16978: Avoid unnecessary padding with leading zeros (#16988)
Fixed an issue where leading zeros were padded beyond the allocated memory. fixes #16978 closes #16988 
1 parent 8d25978 commit d17ed34

File tree

3 files changed

+17
-0
lines changed

3 files changed

+17
-0
lines changed

‎NEWS‎

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,10 @@ PHP NEWS
22
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
33
?? ??? ????, PHP 8.4.2
44

5+
- BcMath:
6+
. Fixed bug GH-16978 (Avoid unnecessary padding with leading zeros)
7+
(Saki Takamachi)
8+
59
- Core:
610
. Fixed bug GH-16344 (setRawValueWithoutLazyInitialization() and
711
skipLazyInitialization() may change initialized proxy). (Arnaud)

‎ext/bcmath/libbcmath/src/div.c‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -436,6 +436,7 @@ bool bc_divide(bc_num numerator, bc_num divisor, bc_num *quot, size_t scale)
436436
numerator_bottom_extension = 0;
437437
numeratorend -= scale_diff > numerator_top_extension ? scale_diff - numerator_top_extension : 0;
438438
}
439+
numerator_top_extension = MIN(numerator_top_extension, scale);
439440
} else {
440441
numerator_bottom_extension += scale - numerator_scale;
441442
}

‎ext/bcmath/tests/gh16978.phpt‎

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
--TEST--
2+
GH-16978 Stack buffer overflow ext/bcmath/libbcmath/src/div.c:464:12 in bc_divide
3+
--EXTENSIONS--
4+
bcmath
5+
--FILE--
6+
<?php
7+
echo bcpow('10', '-112', 10) . "\n";
8+
echo bcdiv('1', '10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000', 1);
9+
?>
10+
--EXPECT--
11+
0.0000000000
12+
0.0

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /