I'd like to receive a negative number value with decimal places from another server using cURL. However, I'd like to prevent any buffer overflows like I do when I set a string to a set limit.

$price = substr($price,0,20);

However, it only works with letters and produces no value if the server passes -12.99

Is there anyway to limit the size to prevent buffer overflow attacks? I believe by checking string length then using an if/else concept won't be safe enough.

Any thoughts?

Thanks

J