PHP float bug with 2.2250738585072011e-308

I’ve recently been informed that a serious PHP bug has been discovered.
Basically, when PHP converts the value 2.2250738585072011e-308 (through any manipulation, such as conversion to int or addition to another value), it hangs and stops working.

See the discussions and more information:
http://bugs.php.net/bug.php?id=53632
http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/
http://news.ycombinator.com/item?id=2066084

The consequences are trivial to foresee: a site can be made to hang (a denial of service) simply by passing the value in the URL or submitting it in a form, if the (very frequent) operations above are executed on it.

It seems that the patch has been committed to PHP’s SVN repository, but a new release is not yet available for download.

I’ve googled a solution, and at first glance the following one seems OK to me:
http://www.aircraft24.com/en/info/php-float-dos-quickfix.htm

Code:

// *************************************************************
// QUICK FIX / WORKAROUND FOR PHP FLOATING POINT DOS ATTACK
// provided by AirCraft24.com / www.aircraft24.com
// version 1.5, released 2011-01-06 14:00 GMT+1
// *************************************************************

// Serialize the whole request, drop the dots so the position of the decimal
// point does not matter, and look for the significant digits of the value.
if (strstr(str_replace('.','',serialize($_REQUEST)), '22250738585072011'))
{
  header('Status: 422 Unprocessable Entity');
  die ('Script interrupted due to floating point DoS attack.');
}

// *************************************************************
// END QUICK FIX / WORKAROUND FOR PHP FLOATING POINT DOS ATTACK
// *************************************************************
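
The following is an added example, not part of the original post or of the AirCraft24 quick fix. It applies the same digit-run test using string functions only, walks nested request arrays, and runs over constructed inputs to show what the check catches and where it rejects a legitimate value. The function name has_bad_float, the constant BAD_DIGITS and all sample values are assumptions made for illustration.

```php
<?php
// Added example (not the AirCraft24 code). Names and sample inputs are
// constructed. Only string functions are used: the input is never cast to a
// number, so the check itself cannot trigger the hang.

define('BAD_DIGITS', '22250738585072011');

// Returns true if any key or string value in $input, at any nesting depth,
// contains the digit run of 2.2250738585072011e-308 once dots are removed.
// Keys are checked too, because serialize() in the quick fix covers them.
function has_bad_float($input)
{
    if (is_array($input)) {
        foreach ($input as $key => $value) {
            if (has_bad_float((string) $key) || has_bad_float($value)) {
                return true;
            }
        }
        return false;
    }
    if (!is_string($input)) {
        return false; // GET/POST/cookie values arrive as strings or arrays
    }
    return strpos(str_replace('.', '', $input), BAD_DIGITS) !== false;
}

// Constructed request arrays, shaped like $_GET / $_POST.
$samples = array(
    'exact value'        => array('price' => '2.2250738585072011e-308'),
    'decimal shifted'    => array('price' => '222.50738585072011e-310'),
    'nested form field'  => array('item' => array('qty' => array('0.22250738585072011e-307'))),
    'ordinary float'     => array('price' => '2.5e-3'),
    'false positive: id' => array('order' => '9922250738585072011'),
);

foreach ($samples as $label => $request) {
    printf("%-20s %s\n", $label, has_bad_float($request) ? 'BLOCK' : 'allow');
}

// In a real script the call would run before any input is touched, e.g.:
// if (has_bad_float($_REQUEST) || has_bad_float($_COOKIE)) {
//     header('Status: 422 Unprocessable Entity');
//     die('Script interrupted due to floating point DoS attack.');
// }
```

The first three samples and the last one are blocked, and only the ordinary float is allowed. Because the test is a substring match on digits, a legitimate field that happens to contain the same digit run is rejected as well.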