php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #15362 date("r") returns wrong timezone offset, can cause crash
Submitted: 2002-02-03 21:12 UTC Modified: 2002-07-04 13:37 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: warwick at imvs dot sa dot gov dot au Assigned:
Status: Closed Package: Date/time related
PHP Version: 4.1.1 OS: Linux 6.2 and 7.2
Private report: No CVE-ID: None
 [2002-02-03 21:12 UTC] warwick at imvs dot sa dot gov dot au
I have tested both PHP 4.1.1 and PHP 4.05 and the following occurs for both.

The date('r') call returns the wrong timezone offset (in my case "+101800") which causes a buffer overflow in datetime.c

The date("Z") call correctly returns the timezone offset number of seconds (630 in my case).

The undocumented (in the PHP manual anyway) option to strftime('%z') returns the correct value of +1030.

The timezone abbreviation ("CST" in my case) is correctly returned with both the strftime("%Z") and date("T") calls.
  
This will often cause the process to seg fault and die, althought on more complex pages, this becomes quite consistant.

With the PHP compile option '--enable-debug', the following is reported in the Apache error log:

---------------------------------------
zend_execute_API.c(274) : Block 0x0813EDA0 status:
zend_variables.c(44) : Actual location (location was relayed)
Beginning:  	OK (allocated on datetime.c:331, 32 bytes)
      End:	Overflown (magic=0x2A8F0030 instead of 0x2A8FCC84)
          	2 byte(s) overflown
---------------------------------------

For PHP 4.1.1 the configure line is:
./configure --with-mysql=/usr/local/mysql --enable-track-vars --with-apxs=/usr/local/apache/bin/apxs --with-config-file-path=/usr/local/apache/conf --enable-bcmath --with-zlib --with-xml --with-gettext --with-imap=../imap --with-mcrypt --with-ldap=/usr/local --enable-ftp --without-gd --enable-debug

(Will be used for Horde's IMP webmail system)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-02-07 13:20 UTC] jkannan at ddeorg dot co dot in
This is a bug in the ext/standard/datetime.c php_date function. 

here is the diff 

*** php-4.1.1/ext/standard/datetime.c.orig      Thu Feb  7 23:01:22 2002
--- php-4.1.1/ext/standard/datetime.c   Thu Feb  7 23:02:09 2002
***************
*** 449,453 ****
                        case 'O':               /* GMT offset in [+-]HHMM format */
  #if HAVE_TM_GMTOFF                            
!                               sprintf(tmp_buff, "%c%02d%02d", (ta->tm_gmtoff < 0) ? '-' : '+', abs(ta->tm_gmtoff / 3600), abs( ta->tm_gmtoff % 3600));
  #else
                                sprintf(tmp_buff, "%c%02d%02d", ((ta->tm_isdst ? tzone - 3600:tzone)>0)?'-':'+', abs((ta->tm_isdst ? tzone - 3600 : tzone) / 3600), abs((ta->tm_isdst ? tzone - 3600 : tzone) % 3600));
--- 449,453 ----
                        case 'O':               /* GMT offset in [+-]HHMM format */
  #if HAVE_TM_GMTOFF                            
!                               sprintf(tmp_buff, "%c%02d%02d", (ta->tm_gmtoff < 0) ? '-' : '+', abs(ta->tm_gmtoff / 3600), abs( ( ta->tm_gmtoff % 3600 ) / 60 ));
  #else
                                sprintf(tmp_buff, "%c%02d%02d", ((ta->tm_isdst ? tzone - 3600:tzone)>0)?'-':'+', abs((ta->tm_isdst ? tzone - 3600 : tzone) / 3600), abs((ta->tm_isdst ? tzone - 3600 : tzone) % 3600));
***************
*** 500,504 ****
                                        (ta->tm_gmtoff < 0) ? '-' : '+',
                                        abs(ta->tm_gmtoff / 3600),
!                                       abs( ta->tm_gmtoff % 3600)
                                );
  #else
--- 500,504 ----
                                        (ta->tm_gmtoff < 0) ? '-' : '+',
                                        abs(ta->tm_gmtoff / 3600),
!                                       abs( (ta->tm_gmtoff % 3600) / 60 )
                                );
  #else
 [2002-07-04 13:10 UTC] eru@php.net
Couldn't verify with 4.3.0-dev on RH 7.3, so this seems to be fixed. If you still encounter this problem with 4.2.1+, please reopen this bugreport.

 [2002-07-12 11:20 UTC] justin at cyburbia dot net dot au
This bug is still present in PHP 4.2.1. Came across it, like Warwick, while setting up the IMP webmail system. We're in South Australia as well, which means we've got the same weird timezone.

I applied the patch above from jkannan@ddeorg.co.in and found that it solved the problem, though; suggest it's applied to the tree. :)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Nov 27 04:01:27 2024 UTC