From 4f3ab10786809cf720c81c8ad29aa6eaacc8ae0a Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Tue, 23 Nov 2010 13:09:15 +0000 Subject: [PATCH] Fixed bug #46587 (mt_rand() does not check that max is greater than min). --- NEWS | 2 ++ ext/standard/rand.c | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/NEWS b/NEWS index c2c108e2e6..4c9618bcb9 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,8 @@ EXTR_OVERWRITE. (jorto at redhat dot com) . Fixed bug #47168 (printf of floating point variable prints maximum of 40 decimal places). (Ilia) + . Fixed bug #46587 (mt_rand() does not check that max is greater than min). + (Ilia) - Intl extension: . Fixed crashes on invalid parameters in intl extension (Stas, Maksymilian diff --git a/ext/standard/rand.c b/ext/standard/rand.c index 4f1f18b278..eb26cc5c50 100644 --- a/ext/standard/rand.c +++ b/ext/standard/rand.c @@ -322,6 +322,11 @@ PHP_FUNCTION(mt_rand) php_mt_srand(GENERATE_SEED() TSRMLS_CC); } + if (max < min) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "max(%d) is smaller than min(%d)", max, min); + RETURN_FALSE; + } + /* * Melo: hmms.. randomMT() returns 32 random bits... * Yet, the previous php_rand only returns 31 at most. -- 2.40.0