php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #38096 stream_socket_accept : big timeout values are not taken into account
Submitted: 2006-07-13 14:50 UTC Modified: 2006-09-11 14:53 UTC
From: daniel dot menard at bdsp dot tm dot fr Assigned:
Status: Closed Package: Streams related
PHP Version: 5.1.4 OS: Win XP
Private report: No CVE-ID:
 [2006-07-13 14:50 UTC] daniel dot menard at bdsp dot tm dot fr
Description:
------------
Time-out values passed to stream_socket_accept are not always taken into account has they should be.

Values from 0 to 4294 seconds work fine, greater values do not (4295 is equivalent to 0 sec, 4296 to 1 sec and so on).

From current cvs source, it appears that the timeout parameter is multiplied and then cast to an unsigned long which results in an overflow for values greater than 4294:

http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/streamsfuncs.c?view=annotate
line 247 :
	/* prepare the timeout value for use */
	conv = (unsigned long) (timeout * 1000000.0);
	tv.tv_sec = conv / 1000000;
	tv.tv_usec = conv % 1000000;

Note: similar code can be found for stream_socket_client.

Perhaps there are good reasons to not accept such timeout values. In this case, raising a 'bad parameter' exception and a note in the documentation would be better options than silently accept the overflow.

Otherwise, a solution would be to test for big values:
if (timeout>4294){tv.tv_sec=timeout; tv.tv_usec=0;}
else { /* actual code */ }


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-09-11 14:53 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 23 17:01:58 2014 UTC