Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 158096

Summary: FC3 PHP bitwise operations on large integers fails
Product: [Fedora] Fedora Reporter: James Pooton <james>
Component: phpAssignee: Joe Orton <jorton>
Status: CLOSED WONTFIX QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 3   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-05-18 18:18:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description James Pooton 2005-05-18 17:25:01 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)

Description of problem:
PHP versions under FC3 (current update php-4.3.11-2.5.i386.rpm, or any 4.3.X/5.0.X version I've compiled by hand) seem to provide incorrect results on bitwise operations for large integers as compared to the same versions under FC2 (or FC1 and RHES3 which I've tried also).

While I understand that the behaviour of these operation on large (>32bit) integers is supposed to be "undefined", it works correctly on past FC releases and other distros other then FC3.  Correct results can be obtained using PHP's GMP commands, however most existing scripts (especially encyption libs) don't make use of this additional command set.  Seems that scripts for encryption and compression are most effected.

I'm not sure if this bug is releated in some way to #143514 (closed), but it certainly could be.

Sorry if this has been reported, I couldn't find anything other then the bug referenced which has been closed.




Version-Release number of selected component (if applicable):
php-4.3.11-2.5.i386.rpm

How reproducible:
Always

Steps to Reproduce:
1. echo '<?php echo (-3281063054 & 3); ?>' | /usr/bin/php -q


  

Actual Results:  Produces a "0" under FC3

Expected Results:  Prodces the correct answer of "2" under FC2, FC1 and RHES3.

Additional info:

Comment 1 James Pooton 2005-05-18 17:27:57 UTC
For some reason my submission isn't including the product information:

Product Fedora Core  
Component php  
Version fc3  
Platform i386  


Comment 2 Joe Orton 2005-05-18 18:18:07 UTC
Since Zend will convert the number into a 32-bit integer to do the bitwise "and"
there has to be some choice of how to cope with integer overflow.

In 4.3.10 and previous 4.3.11-based FC3 updates, the behaviour was to truncate.  
Previously, and again in the latest update, it is to rely on the underlying
behaviour of integer oveflow in C (which is strictly undefined in most cases,
but in practice will wrap).

There do exist a number of scripts which rely on the original (and now, current)
behaviour, so we've reverted the patch to maintain the behaviour chosen upstream.

Having language behaviour which is compatible with upstream is really more
important than making some "correct" choice; so I'm marking this WONTFIX.  The
real answer is exactly that which you suggest: scripts should not rely on *any*
behaviour on integer overflow - and should use GMP for such operations.