|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2008-06-02 12:53 UTC] derick@php.net
[2008-06-03 19:13 UTC] crrodriguez at suse dot de
[2008-06-07 04:27 UTC] crrodriguez at suse dot de
[2009-07-29 13:44 UTC] svn@php.net
[2009-07-29 13:44 UTC] iliaa@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri Oct 24 07:00:01 2025 UTC |
Description: ------------ setcookie() will happily produce expires times with years greater than 4 digits in length. This violates various RFC's and can also lead to unexpectedly hung scripts (especially on 64-bit). Reproduce code: --------------- This works fine on 32-bit, but will keep the script looping effectively forever formatting the date as GMT on 64-bit. setcookie('test', 'testing', PHP_INT_MAX); Sample patch: http://evilcode.net/sjg/php5.2.6-setcookie-head.c.patch This may not be the right place for this, as there are probably other violators as well. A more general/generic fix may be in order. Expected result: ---------------- Date output should be trimmed to the end of year 9999, possibly a warning presented.