On Wed, Jul 8, 2015 at 11:59 AM, Scott Arciszewski <sc...@paragonie.com>
wrote:

> Hi everyone,
>
> I'm working on a library to backport random_bytes() and random_int()
> into PHP 5. The effort is located on Github if anyone is interested:
> https://github.com/paragonie/random_compat
>
> My reason for this email is that I'm running into one compatibility
> issue that I don't think I can safely work around: If we let
> random_int() default to -PHP_INT_MAX and PHP_INT_MAX, then the
> difference between the two (used to calculate the range) will overflow
> into a float, which will lead to a loss of precision.
>
> My current compromise is to use -(PHP_INT_MAX/2) and PHP_INT_MAX/2,
> but I'm not sure if there's a better solution.
>

random_int() arguments don't have default values, you have to explicitly
pass both. (Of course you still have a problem if someone does pass them :)

Nikita

Reply via email to