Index: Zend/zend.h
===================================================================
RCS file: /repository/ZendEngine2/zend.h,v
retrieving revision 1.365
diff -u -r1.365 zend.h
--- Zend/zend.h	18 Feb 2009 10:55:23 -0000	1.365
+++ Zend/zend.h	17 Mar 2009 17:00:50 -0000
@@ -271,6 +271,18 @@
 #define LONG_MIN (- LONG_MAX - 1)
 #endif
 
+#if SIZEOF_LONG == 4
+#define MAX_LENGTH_OF_LONG 11
+static const char long_min_digits[] = "2147483648";
+#elif SIZEOF_LONG == 8
+#define MAX_LENGTH_OF_LONG 20
+static const char long_min_digits[] = "9223372036854775808";
+#else
+#error "Unknown SIZEOF_LONG"
+#endif
+
+#define MAX_LENGTH_OF_DOUBLE 32
+
 #ifdef __GNUC__
 #	define ZSTR(x)    ((zstr)((void*)(x)))
 #	define NULL_ZSTR  ZSTR((void*)NULL)
Index: Zend/zend_hash.h
===================================================================
RCS file: /repository/ZendEngine2/zend_hash.h,v
retrieving revision 1.98
diff -u -r1.98 zend_hash.h
--- Zend/zend_hash.h	31 Dec 2008 11:12:29 -0000	1.98
+++ Zend/zend_hash.h	18 Mar 2009 00:14:00 -0000
@@ -406,9 +406,10 @@
 	}																					\
 	if ((*tmp>='0' && *tmp<='9')) do { /* possibly a numeric index */					\
 		const char *end=key+length-1;													\
-		long idx;																		\
+		long idx = end - tmp; /* temp var for remaining length (number of digits) */	\
 																						\
-		if (*tmp++=='0' && length>2) { /* don't accept numbers with leading zeros */	\
+		if (idx > MAX_LENGTH_OF_LONG - 1 || (*tmp++ == '0' && length > 2)) {			\
+			/* don't accept numbers too long or with leading zeros */					\
 			break;																		\
 		}																				\
 		while (tmp<end) {																\
@@ -418,17 +419,16 @@
 			tmp++;																		\
 		}																				\
 		if (tmp==end && *tmp=='\0') { /* a numeric index */								\
-			if (*key=='-') {															\
-				idx = strtol(key, NULL, 10);											\
-				if (idx!=LONG_MIN) {													\
-					return func;														\
-				}																		\
-			} else {																	\
-				idx = strtol(key, NULL, 10);											\
-				if (idx!=LONG_MAX) {													\
-					return func;														\
+			if (idx == MAX_LENGTH_OF_LONG - 1) {										\
+				int cmp = strcmp(end - (MAX_LENGTH_OF_LONG - 1), long_min_digits);		\
+																						\
+				if (!(cmp < 0 || (cmp == 0 && *key == '-'))) {							\
+					break;																\
 				}																		\
 			}																			\
+																						\
+			idx = strtol(key, NULL, 10);												\
+			return func;																\
 		}																				\
 	} while (0);																		\
 }
@@ -441,9 +441,10 @@
 	}																					\
 	if ((*tmp>=0x30 /*'0'*/ && *tmp<=0x39 /*'9'*/)) do { /* possibly a numeric index */	\
 		UChar *end=key+length-1;														\
-		long idx;																		\
+		long idx = end - tmp; /* temp var for remaining length (number of digits) */	\
 																						\
-		if (*tmp++==0x30 && length>2) { /* don't accept numbers with leading zeros */	\
+		if (idx > MAX_LENGTH_OF_LONG - 1 || (*tmp++ == 0x30 && length > 2)) {			\
+			/* don't accept numbers too long or with leading zeros */								\
 			break;																		\
 		}																				\
 		while (tmp<end) {																\
@@ -453,17 +454,16 @@
 			tmp++;																		\
 		}																				\
 		if (tmp==end && *tmp==0) { /* a numeric index */								\
-			if (*key==0x2D /*'-'*/) {													\
-				idx = zend_u_strtol(key, NULL, 10);										\
-				if (idx!=LONG_MIN) {													\
-					return func;														\
-				}																		\
-			} else {																	\
-				idx = zend_u_strtol(key, NULL, 10);										\
-				if (idx!=LONG_MAX) {													\
-					return func;														\
+			if (idx == MAX_LENGTH_OF_LONG - 1) {										\
+				int cmp = zend_cmp_unicode_and_literal(end - (MAX_LENGTH_OF_LONG - 1), idx, long_min_digits, idx);	\
+																						\
+				if (!(cmp < 0 || (cmp == 0 && *key == 0x2D /*'-'*/))) {					\
+					break;																\
 				}																		\
 			}																			\
+																						\
+			idx = zend_u_strtol(key, NULL, 10);											\
+			return func;																\
 		}																				\
 	} while (0);																		\
 }
Index: Zend/zend_operators.h
===================================================================
RCS file: /repository/ZendEngine2/zend_operators.h,v
retrieving revision 1.135
diff -u -r1.135 zend_operators.h
--- Zend/zend_operators.h	5 Jan 2009 19:47:12 -0000	1.135
+++ Zend/zend_operators.h	17 Mar 2009 17:00:30 -0000
@@ -36,18 +36,6 @@
 #include "ext/bcmath/libbcmath/src/bcmath.h"
 #endif
 
-#if SIZEOF_LONG == 4
-#define MAX_LENGTH_OF_LONG 11
-static const char long_min_digits[] = "2147483648";
-#elif SIZEOF_LONG == 8
-#define MAX_LENGTH_OF_LONG 20
-static const char long_min_digits[] = "9223372036854775808";
-#else
-#error "Unknown SIZEOF_LONG"
-#endif
-
-#define MAX_LENGTH_OF_DOUBLE 32
-
 BEGIN_EXTERN_C()
 ZEND_API int add_function(zval *result, zval *op1, zval *op2 TSRMLS_DC);
 ZEND_API int sub_function(zval *result, zval *op1, zval *op2 TSRMLS_DC);