authorNikita Popov <nikita.ppv@gmail.com>2019-03-14 17:24:50 +0100
committerNikita Popov <nikita.ppv@gmail.com>2019-03-14 17:24:50 +0100
commite7d40afb7a7984174eb132a14b7a6621c8e76258 (patch)
tree267eab6db563e12db6dd5e9e82387fbfcdad9a63
parentc7920aba3e1892accca7cd13ef5b8a8fbf48b5c2 (diff)
downloadphp-git-e7d40afb7a7984174eb132a14b7a6621c8e76258.tar.gz
Fixed bug #77742
By avoiding integer overflow in the implementation entirely. The multiplication was already explicitly checked for overflow, so also add a check for the addition and remove the overflow checks after the calculation.
-rw-r--r--NEWS4
-rw-r--r--ext/bcmath/libbcmath/src/num2long.c17
2 files changed, 16 insertions, 5 deletions
diff --git a/NEWS b/NEWS
index a088343e21..ad1b28ae22 100644
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,10 @@ PHP NEWS
. Fixed bug #77676 (Unable to run tests when building shared extension on
AIX). (Kevin Adler)
+- Bcmath:
+ . Fixed bug #77742 (bcpow() implementation related to gcc compiler
+ optimization). (Nikita)
+
- FPM:
. Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).
(Kevin Adler)
diff --git a/ext/bcmath/libbcmath/src/num2long.c b/ext/bcmath/libbcmath/src/num2long.c
index 81e82a6fac..228f6645a2 100644
--- a/ext/bcmath/libbcmath/src/num2long.c
+++ b/ext/bcmath/libbcmath/src/num2long.c
@@ -54,12 +54,19 @@ bc_num2long (num)
/* Extract the int value, ignore the fraction. */
val = 0;
nptr = num->n_value;
- for (index=num->n_len; (index>0) && (val<=(LONG_MAX/BASE)); index--)
- val = val*BASE + *nptr++;
+ for (index = num->n_len; index > 0; index--) {
+ char n = *nptr++;
- /* Check for overflow. If overflow, return zero. */
- if (index>0) val = 0;
- if (val < 0) val = 0;
+ if (val > LONG_MAX/BASE) {
+ return 0;
+ }
+ val *= BASE;
+
+ if (val > LONG_MAX - n) {
+ return 0;
+ }
+ val += n;
+ }
/* Return the value. */
if (num->n_sign == PLUS)
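Review bot: The two new `return 0;` exits in the loop no longer state the contract that the deleted "If overflow, return zero" comment carried, so a reader cannot see that 0 is the overflow result and looks the same as a genuine zero. I would put `/* Overflow: return zero; callers must tell this apart from a real 0. */` above `if (val > LONG_MAX/BASE)`. Separately, the guard `val > LONG_MAX - n` is only overflow-free while `n` is non-negative, and `char` signedness is implementation-defined. The stored digits are presumably 0..9, so either say that in a comment or declare `unsigned char n = *nptr++;` so a stray high byte cannot make `LONG_MAX - n` overflow. The body of bc_num2long starts and ends outside this hunk, so the type of `nptr` and the callers' handling of 0 are not visible here.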