Index: Zend/zend.h
===================================================================
RCS file: /repository/ZendEngine2/zend.h,v
retrieving revision 1.293.2.11.2.9.2.32
diff -u -r1.293.2.11.2.9.2.32 zend.h
--- Zend/zend.h	18 Feb 2009 10:55:08 -0000	1.293.2.11.2.9.2.32
+++ Zend/zend.h	17 Mar 2009 16:04:40 -0000
@@ -262,6 +262,18 @@
 #define LONG_MIN (- LONG_MAX - 1)
 #endif
 
+#if SIZEOF_LONG == 4
+#define MAX_LENGTH_OF_LONG 11
+static const char long_min_digits[] = "2147483648";
+#elif SIZEOF_LONG == 8
+#define MAX_LENGTH_OF_LONG 20
+static const char long_min_digits[] = "9223372036854775808";
+#else
+#error "Unknown SIZEOF_LONG"
+#endif
+
+#define MAX_LENGTH_OF_DOUBLE 32
+
 #undef SUCCESS
 #undef FAILURE
 #define SUCCESS 0
Index: Zend/zend_hash.h
===================================================================
RCS file: /repository/ZendEngine2/zend_hash.h,v
retrieving revision 1.78.2.2.2.2.2.8
diff -u -r1.78.2.2.2.2.2.8 zend_hash.h
--- Zend/zend_hash.h	31 Dec 2008 11:15:32 -0000	1.78.2.2.2.2.2.8
+++ Zend/zend_hash.h	17 Mar 2009 16:05:00 -0000
@@ -313,9 +313,10 @@
 	}																					\
 	if ((*tmp>='0' && *tmp<='9')) do { /* possibly a numeric index */					\
 		const char *end=key+length-1;															\
-		long idx;																		\
+		long idx = end - tmp; /* temp var for remaining length (number of digits) */	\
 																						\
-		if (*tmp++=='0' && length>2) { /* don't accept numbers with leading zeros */	\
+		if (idx > MAX_LENGTH_OF_LONG - 1 || (*tmp++ == '0' && length > 2)) {			\
+			/* don't accept numbers too long or with leading zeros */					\
 			break;																		\
 		}																				\
 		while (tmp<end) {																\
@@ -325,17 +326,16 @@
 			tmp++;																		\
 		}																				\
 		if (tmp==end && *tmp=='\0') { /* a numeric index */								\
-			if (*key=='-') {															\
-				idx = strtol(key, NULL, 10);											\
-				if (idx!=LONG_MIN) {													\
-					return func;														\
-				}																		\
-			} else {																	\
-				idx = strtol(key, NULL, 10);											\
-				if (idx!=LONG_MAX) {													\
-					return func;														\
+			if (idx == MAX_LENGTH_OF_LONG - 1) {										\
+				int cmp = strcmp(end - (MAX_LENGTH_OF_LONG - 1), long_min_digits);		\
+																						\
+				if (!(cmp < 0 || (cmp == 0 && *key == '-'))) {							\
+					break;																\
 				}																		\
 			}																			\
+																						\
+			idx = strtol(key, NULL, 10);												\
+			return func;																\
 		}																				\
 	} while (0);																		\
 }
Index: Zend/zend_operators.h
===================================================================
RCS file: /repository/ZendEngine2/zend_operators.h,v
retrieving revision 1.94.2.4.2.10.2.13
diff -u -r1.94.2.4.2.10.2.13 zend_operators.h
--- Zend/zend_operators.h	5 Jan 2009 20:31:51 -0000	1.94.2.4.2.10.2.13
+++ Zend/zend_operators.h	17 Mar 2009 16:04:00 -0000
@@ -36,18 +36,6 @@
 #include "ext/bcmath/libbcmath/src/bcmath.h"
 #endif
 
-#if SIZEOF_LONG == 4
-#define MAX_LENGTH_OF_LONG 11
-static const char long_min_digits[] = "2147483648";
-#elif SIZEOF_LONG == 8
-#define MAX_LENGTH_OF_LONG 20
-static const char long_min_digits[] = "9223372036854775808";
-#else
-#error "Unknown SIZEOF_LONG"
-#endif
-
-#define MAX_LENGTH_OF_DOUBLE 32
-
 BEGIN_EXTERN_C()
 ZEND_API int add_function(zval *result, zval *op1, zval *op2 TSRMLS_DC);
 ZEND_API int sub_function(zval *result, zval *op1, zval *op2 TSRMLS_DC);