Jump to content

Archived

This topic is now archived and is closed to further replies.

Tandem

buffer overflow...

Recommended Posts

I'm having a problem with buffer overflow.

I'm not actually all that familiar with buffer overflow, so forgive/correct me if i get anything wrong.

On my site i have a section where you can input a number and that updates the database, but you have a maximum number. If your input number is higher than your maximum number the transaction with the database is blocked.

However somebody has told me that there is a way to get around this and it seems to work too. You enter a massively long sequence of numbers, in this case he did tens of thousands or numbers, and it somehow bypasses the if statement that blocks it from happening.

Also after you have entered the number it echo's "You successfully entered (number) as your number", but using the buffer overflow method it says "You have successfully entered $inf as your number".

How can i stop this from happening?

Thanks in advance for any replies.

Share this post


Link to post
Share on other sites
This should solve your problem.
The thing that solves it is [url=http://php.net/is_finite]is_finite()[/url].

[code]<?php
$min_number = 0;
$max_number = 10000;
if(is_numeric($_POST['number'] && $_POST['number'] <= $max_number && $_POST['number'] >= $min_number && is_finite($_POST['number'))
{
echo "You successfully entered {$_POST['number']} as your number";
}
else {
echo "You must enter a number within the range {$min_number}-{$max_number}";
}
?>[/code]

Share this post


Link to post
Share on other sites
When i try to use is_finite i get the error:


Warning: is_finite() expects parameter 1 to be double, string given in C:\Pro..... on line 99

my code is
[code]<?
if (($submit == "Send!") && (!empty($get_proper_name)) && (is_finite($amount))) {
...qureies and stuff here....
}
?>[/code]

Share this post


Link to post
Share on other sites
Your variable amount is astring and should be a float. You can use the settype function, like this

settype($amount, "float");

before checking for is_finite.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.