|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45866 decimal values fed to DateTime->modify() causes long execution times
Submitted: 2008-08-20 03:58 UTC Modified: 2009-07-29 17:40 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: jsnell at e-normous dot com Assigned: derick
Status: Closed Package: Date/time related
PHP Version: 5CVS, 6CVS (2008-11-11) OS: *
Private report: No CVE-ID:
 [2008-08-20 03:58 UTC] jsnell at e-normous dot com
Feeding a decimal value to DateTime's modify() function can cause very 
long execution times because the decimal point is ignored.

Reproduced on the php5.3-200808200230 snapshot. 

Reproduce code:
$date = new DateTime(); 
$date->modify("+1.61538461538 day"); 

Expected result:
A warning or exception, or perhaps 1 day + 0.61538461538*24 hours added.

Actual result:
after 32 seconds of execution, 161538461538 days are added to the date


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2008-11-11 10:47 UTC]
Happens in all branches.
 [2009-07-29 17:40 UTC]
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

The algorithm has been optimized some time ago, it's much faster now for these large values. The result is *also* correct as the given string is parsed as:

"+1" (timezone offset)
"."  (ignored by default)
"61538461538 day" (the jump forwards)

I have a patch that adds warnings for *broken* strings though, but this breaks a few already existing tests:
Closing this report.
 [2010-02-10 16:23 UTC]
Automatic comment from SVN on behalf of derick
Log: - Added a test case for bug #45866
- Fixed tests: oo_002, bug46268
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
- Make sure faulty strings passed to DateTime::modify() notify the user.
- Revert fix for bug #50392 as it was fixed wrongly without a proper test case.
- Fixed a bug with the 'r' formatting function as the default buffer size that
  was allocated only fit 4 digit years.
 [2010-02-11 11:11 UTC]
Automatic comment from SVN on behalf of pajoye
Log: - merge fix for: #45866,#50930, revert fix for #50392, Fixed a bug with the 'r' formatting function, added or fixed tests for #45866 and #46268
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Mon Oct 05 04:01:32 2015 UTC