From: Hartmut Holzgraefe <hholzgra@php.net>
Date: Mon, 22 May 2000 20:37:26 +0000 (+0000)
Subject: in [mt_]rand(): (see BUG #3353)
X-Git-Tag: PRE_EIGHT_BYTE_ALLOC_PATCH~348
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=398923de533c76113c16019362b214584f5da467;p=php

in [mt_]rand(): (see BUG #3353)
- additional range checking for (max-min)<=[MT_]RAND_MAX
- [mt_]rand(0,[mt_]getrandmax()) will now work without integer overflow
---

diff --git a/ext/standard/rand.c b/ext/standard/rand.c
index 712197bd0f..73b81f922a 100644
--- a/ext/standard/rand.c
+++ b/ext/standard/rand.c
@@ -243,6 +243,8 @@ PHP_FUNCTION(rand)
 			convert_to_long_ex(p_max);
 			if ((*p_max)->value.lval-(*p_min)->value.lval <= 0) {
 				php_error(E_WARNING,"rand():  Invalid range:  %ld..%ld", (*p_min)->value.lval, (*p_max)->value.lval);
+			}else if ((*p_max)->value.lval-(*p_min)->value.lval > RAND_MAX){
+				php3_error(E_WARNING,"rand():  Invalid range:  %ld..%ld", (*p_min)->value.lval, (*p_max)->value.lval);
 			}
 			break;
 		default:
@@ -287,7 +289,7 @@ PHP_FUNCTION(rand)
      */
 	if (p_min && p_max) { /* implement range */
 		return_value->value.lval = (*p_min)->value.lval +
-			(int)((double)((*p_max)->value.lval - (*p_min)->value.lval + 1) * return_value->value.lval/(PHP_RAND_MAX+1.0));     
+			(int)((double)((*p_max)->value.lval - (*p_min)->value.lval + 1.0) * return_value->value.lval/(PHP_RAND_MAX+1.0));     
 	}
 }
 /* }}} */
@@ -308,7 +310,9 @@ PHP_FUNCTION(mt_rand)
 			convert_to_long_ex(p_min);
 			convert_to_long_ex(p_max);
 			if ((*p_max)->value.lval-(*p_min)->value.lval <= 0) {
-				php_error(E_WARNING,"mtrand():  Invalid range:  %ld..%ld", (*p_min)->value.lval, (*p_max)->value.lval);
+				php_error(E_WARNING,"mt_rand():  Invalid range:  %ld..%ld", (*p_min)->value.lval, (*p_max)->value.lval);
+			}else if ((*p_max)->value.lval-(*p_min)->value.lval > MT_RAND_MAX){
+				php3_error(E_WARNING,"mt_rand():  Invalid range:  %ld..%ld",(*p_min)->value.lval, (*p_max)->value.lval);
 			}
 			break;
 		default:
@@ -329,7 +333,7 @@ PHP_FUNCTION(mt_rand)
 
 	if (p_min && p_max) { /* implement range */
 		return_value->value.lval = (*p_min)->value.lval +
-			(long)((double)((*p_max)->value.lval - (*p_min)->value.lval + 1) * return_value->value.lval/(MT_RAND_MAX+1.0));
+			(long)((double)((*p_max)->value.lval - (*p_min)->value.lval + 1.0) * return_value->value.lval/(MT_RAND_MAX+1.0));
 	}
 }
 /* }}} */