PHP floating point bug possibly misinterpreted

Andrew Haley aph at redhat.com
Fri Jan 14 12:05:01 UTC 2011


On 01/13/2011 07:24 PM, Michael Cronenworth wrote:
> PHP recently underwent a bit of a security crisis when many media
> outlets disclosed the presence of a floating point bug. (RH bug here[1])
>
> I feel I should bring attention to a PHP developer response[2] to this
> bug. Warning: There is a bit of emotion inside. They feel it is a gcc
> bug in FP handling, which seems (in my limited knowledge) to be
> accurate. The gcc fix was provided, not by changing default behavior,
> but by a compiler flag "-fexcess-precision=standard". Since this is a
> gcc bug (I believe bug is the right term) this could affect any gcc
> compiled code for the x86 arch that uses FP. Should the default gcc
> compiler flag set include the new flag?

It's perhaps important to note that gcc is not standards-conforming
by default, and if you want it to be you have to use the appropriate
options to say which standard you want it to conform to.  The
defaults are a best guess at what people might want.

> [1] https://bugzilla.redhat.com/show_bug.cgi?id=667806
> [2] http://blog.andreas.org/display?id=9

LOL!  Poor Andrew Pinski; he's just the hard-working volunteer who
kept the bug database up to date.

Andrew.

