php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #77612
Patch bug77512.patch revision 2019-02-13 12:55 UTC by yohgaki at ohgaki dot net

Patch bug77512.patch for HTTP related Bug #77612

Patch version 2019-02-13 12:55 UTC

Return to Bug #77612 | Download this patch
Patch Revisions:

Developer: yohgaki@ohgaki.net

diff --git a/ext/standard/head.c b/ext/standard/head.c
index 7c813c4783..8a8b693bb6 100644
--- a/ext/standard/head.c
+++ b/ext/standard/head.c
@@ -133,7 +133,7 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
 		len += ZSTR_LEN(samesite);
 	}
 
-	cookie = emalloc(len + 100);
+	cookie = emalloc(len + 200);
 
 	if (value == NULL || ZSTR_LEN(value) == 0) {
 		/*
@@ -142,16 +142,16 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
 		 * pick an expiry date in the past
 		 */
 		dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, 1, 0);
-		snprintf(cookie, len + 100, "Set-Cookie: %s=deleted; expires=%s; Max-Age=0", ZSTR_VAL(name), ZSTR_VAL(dt));
+		snprintf(cookie, len + 200, "Set-Cookie: %s=deleted; expires=%s; Max-Age=0", ZSTR_VAL(name), ZSTR_VAL(dt));
 		zend_string_free(dt);
 	} else {
-		snprintf(cookie, len + 100, "Set-Cookie: %s=%s", ZSTR_VAL(name), value ? ZSTR_VAL(encoded_value) : "");
+		snprintf(cookie, len + 200, "Set-Cookie: %s=%s", ZSTR_VAL(name), value ? ZSTR_VAL(encoded_value) : "");
 		if (expires > 0) {
 			const char *p;
 			char tsdelta[13];
 			double diff;
 
-			strlcat(cookie, COOKIE_EXPIRES, len + 100);
+			strlcat(cookie, COOKIE_EXPIRES, len + 200);
 			dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0);
 			/* check to make sure that the year does not exceed 4 digits in length */
 			p = zend_memrchr(ZSTR_VAL(dt), '-', ZSTR_LEN(dt));
@@ -162,7 +162,7 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
 				zend_error(E_WARNING, "Expiry date cannot have a year greater than 9999");
 				return FAILURE;
 			}
-			strlcat(cookie, ZSTR_VAL(dt), len + 100);
+			strlcat(cookie, ZSTR_VAL(dt), len + 200);
 			zend_string_free(dt);
 
 			diff = difftime(expires, time(NULL));
@@ -170,8 +170,8 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
 				diff = 0;
 			}
 			snprintf(tsdelta, sizeof(tsdelta), ZEND_LONG_FMT, (zend_long) diff);
-			strlcat(cookie, COOKIE_MAX_AGE, len + 100);
-			strlcat(cookie, tsdelta, len + 100);
+			strlcat(cookie, COOKIE_MAX_AGE, len + 200);
+			strlcat(cookie, tsdelta, len + 200);
 		}
 	}
 
@@ -180,22 +180,22 @@ PHPAPI int php_setcookie(zend_string *name, zend_string *value, time_t expires,
 	}
 
 	if (path && ZSTR_LEN(path)) {
-		strlcat(cookie, COOKIE_PATH, len + 100);
-		strlcat(cookie, ZSTR_VAL(path), len + 100);
+		strlcat(cookie, COOKIE_PATH, len + 200);
+		strlcat(cookie, ZSTR_VAL(path), len + 200);
 	}
 	if (domain && ZSTR_LEN(domain)) {
-		strlcat(cookie, COOKIE_DOMAIN, len + 100);
-		strlcat(cookie, ZSTR_VAL(domain), len + 100);
+		strlcat(cookie, COOKIE_DOMAIN, len + 200);
+		strlcat(cookie, ZSTR_VAL(domain), len + 200);
 	}
 	if (secure) {
-		strlcat(cookie, COOKIE_SECURE, len + 100);
+		strlcat(cookie, COOKIE_SECURE, len + 200);
 	}
 	if (httponly) {
-		strlcat(cookie, COOKIE_HTTPONLY, len + 100);
+		strlcat(cookie, COOKIE_HTTPONLY, len + 200);
 	}
 	if (samesite && ZSTR_LEN(samesite)) {
-		strlcat(cookie, COOKIE_SAMESITE, len + 100);
-		strlcat(cookie, ZSTR_VAL(samesite), len + 100);
+		strlcat(cookie, COOKIE_SAMESITE, len + 200);
+		strlcat(cookie, ZSTR_VAL(samesite), len + 200);
 	}
 
 	ctr.line = cookie;
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Mar 30 13:01:25 2020 UTC