|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull Requests
Pull requests:
HistoryAllCommentsChangesGit/SVN commits
[2015-11-08 14:15 UTC] aharvey@php.net
-Status: Open
+Status: Assigned
-Assigned To:
+Assigned To: aharvey
[2016-02-24 13:48 UTC] ab@php.net
-Status: Assigned
+Status: Closed
[2016-02-24 13:48 UTC] ab@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri Oct 24 02:00:01 2025 UTC |
Description: ------------ Under the apache2handler SAPI, setting a Content-Length header via header() with a value beyond LONG_MAX will result in the value being truncated to LONG_MAX, even when the apr_off_t type allows for a larger value, due to the unconditional use of strtol() in php_apache_sapi_header_handler() on non-Windows platforms. To fix this, we should check sizeof(apr_off_t) and call strtoll() as appropriate. Test script: --------------- <?php header('Content-Length: 4294967296'); header('Content-Type: application/octet-stream'); $fp = fopen('/dev/zero', 'rb'); fpassthru($fp); fclose($fp); ?> Place in an Apache 2 handler environment, and then use curl -I to send a HEAD request and get the headers. Expected result: ---------------- HTTP/1.1 200 OK Date: Sun, 08 Nov 2015 14:11:19 GMT Server: Apache/2.4.7 (Ubuntu) PHP/5.6.16-dev X-Powered-By: PHP/5.6.16-dev Content-Length: 4294967296 Content-Type: application/octet-stream Actual result: -------------- HTTP/1.1 200 OK Date: Sun, 08 Nov 2015 14:03:35 GMT Server: Apache/2.4.7 (Ubuntu) PHP/5.6.16-dev X-Powered-By: PHP/5.6.16-dev Content-Length: 2147483647 Content-Type: application/octet-stream