Make WordPress Core


Ignore:
Timestamp:
08/31/2012 09:45:50 AM (12 years ago)
Author:
westi
Message:

Make sure that we always generate random numbers correctly even if the PHP build is slightly broken and truncates large integers.

Fixes #19571 props mdawaffe.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/pluggable.php

    r21664 r21685  
    14971497
    14981498if ( !function_exists('wp_rand') ) :
    1499  /**
     1499/**
    15001500 * Generates a random number
    15011501 *
    15021502 * @since 2.6.2
    15031503 *
    1504  * @param int $min Lower limit for the generated number (optional, default is 0)
    1505  * @param int $max Upper limit for the generated number (optional, default is 4294967295)
     1504 * @param int $min Lower limit for the generated number
     1505 * @param int $max Upper limit for the generated number
    15061506 * @return int A random number between min and max
    15071507 */
     
    15321532    $value = abs(hexdec($value));
    15331533
     1534    // Some misconfigured 32bit environments (Entropy PHP, for example) truncate integers larger than PHP_INT_MAX to PHP_INT_MAX rather than overflowing them to floats.
     1535    $max_random_number = 3000000000 === 2147483647 ? (float) "4294967295" : 4294967295; // 4294967295 = 0xffffffff
     1536
    15341537    // Reduce the value to be within the min - max range
    1535     // 4294967295 = 0xffffffff = max random number
    15361538    if ( $max != 0 )
    1537         $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1)));
     1539        $value = $min + ( $max - $min + 1 ) * $value / ( $max_random_number + 1 );
    15381540
    15391541    return abs(intval($value));
Note: See TracChangeset for help on using the changeset viewer.