php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45141 [PATCH] setcookie will output expires years of >4 digits
Submitted: 2008-05-31 03:21 UTC Modified: 2009-07-29 13:44 UTC
From: php at evilcode dot net Assigned: derick
Status: Closed Package: Date/time related
PHP Version: 5.2.6 OS: FreeBSD/Linux
Private report: No CVE-ID:
 [2008-05-31 03:21 UTC] php at evilcode dot net
Description:
------------
setcookie() will happily produce expires times with years greater than 4 digits in length. This violates various RFC's and can also lead to unexpectedly hung scripts (especially on 64-bit).

Reproduce code:
---------------
This works fine on 32-bit, but will keep the script looping effectively forever formatting the date as GMT on 64-bit.

setcookie('test', 'testing', PHP_INT_MAX);

Sample patch: http://evilcode.net/sjg/php5.2.6-setcookie-head.c.patch

This may not be the right place for this, as there are probably other violators as well. A more general/generic fix may be in order.

Expected result:
----------------
Date output should be trimmed to the end of year 9999, possibly a warning presented.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-06-02 12:53 UTC] derick@php.net
The formatting is actually a bug... I've started optimizing the algorithm but haven't finished yet.
 [2008-06-03 19:13 UTC] crrodriguez at suse dot de
IMHO, it should emit a warning and return FALSE, magically limiting the value is clearly the wrong thing.
 [2008-06-07 04:27 UTC] crrodriguez at suse dot de
Something like the following patch may help in the meanwhile..

http://stuff.cristianrodriguez.net/patches/setcookie_4_digit_years.patch
 [2009-07-29 13:44 UTC] svn@php.net
Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&revision=286508
Log: Fixed bug #45141 (setcookie will output expires years of >4 digits).
 [2009-07-29 13:44 UTC] iliaa@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 00:01:21 2014 UTC