Bug appearing on my Core 2 Duo / Win7 / PHP 5.3.0.
This is really serious. In fact, I’ve just tested whether the problem happens for values passed via GET, and it does. Not all data passed to a website is treated as a number, so not all websites with the PHP versions and configuration that could fail with this bug will be vulnerable, but there is definitely going to be a huge number of websites that will be. This is really scary.
I hope the PHP team patches it soon.
Meanwhile, a possible workaround would be adding this line at the very top of the execution of the PHP website:
if (strpos(str_replace('.', '', serialize($GLOBALS)), '22250738585072011')!==false) die();
This will stop execution if any decimal version of the number was passed as a parameter. Note that 222.50738585072011e-310 causes problems too, as do any of the other possible ways to write it.
Do you know if there are any other possible ways to write the number that causes trouble too?
Only if that parameter is treated as a number and not as a string. And only if the PHP version/configuration has that bug. It seems to be a problem when converting from a decimal string to a number.
In Windows it leaves a zombie resource putting the CPU at 100%, so it doesn't seem to be a nice thing...
It's going to be a very, very small subset of websites running PHP that could be hung...
- Must be one of the PHP 5.3.3 versions with the bug, where very very few web hosts are running such a recent version (5.0, 5.1 and 5.2 branches are much more common)
- Must be a 32-bit version, no bug in 64-bit
- The PHP program must try to use the input as a number
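
The workaround posted earlier in the thread, narrowed to request input and extended to nested parameters, as an added example that is not code from any commenter or from the PHP project. The function names `has_trigger_digits` and `request_has_trigger` and the sample array are assumptions made up for illustration; like the original one-liner it only covers different placements of the decimal point.

```php
<?php
// Added example, not from the thread. Function names are hypothetical.
// Digit run taken from the workaround posted in the thread.
define('TRIGGER_DIGITS', '22250738585072011');

// True if $value contains the trigger digits wherever the decimal point
// was placed (2.225...e-308, 222.5...e-310, and so on).
// Only string functions are used, so the value is never converted to a number.
function has_trigger_digits($value)
{
    if (!is_string($value)) {
        return false; // request values arrive as strings or arrays of strings
    }
    // Drop the decimal point so every placement yields the same digit run.
    $digits = str_replace('.', '', $value);
    return strpos($digits, TRIGGER_DIGITS) !== false;
}

// Walk nested request arrays (e.g. price[min]=...) and check every leaf value.
function request_has_trigger(array $sources)
{
    $found = false;
    array_walk_recursive($sources, function ($value) use (&$found) {
        if (has_trigger_digits($value)) {
            $found = true;
        }
    });
    return $found;
}

// Constructed sample input standing in for $_GET.
$sample = array(
    'page'  => '3',
    'price' => array('min' => '222.50738585072011e-310', 'max' => '10'),
);
var_dump(request_has_trigger(array($sample)));

// Placed at the very top of the front controller, before any input is used:
if (request_has_trigger(array($_GET, $_POST, $_COOKIE))) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
```

The code sticks to `array()` syntax and closures so that it runs on the PHP 5.3 branch discussed in the thread.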