ID: 45141 Updated by: il...@php.net Reported By: php at evilcode dot net -Status: Assigned +Status: Closed Bug Type: Date/time related Operating System: FreeBSD/Linux PHP Version: 5.2.6 Assigned To: derick New Comment:
This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2009-07-29 13:44:17] s...@php.net Automatic comment from SVN on behalf of iliaa Revision: http://svn.php.net/viewvc/?view=revision&revision=286508 Log: Fixed bug #45141 (setcookie will output expires years of >4 digits). ------------------------------------------------------------------------ [2008-06-07 04:27:41] crrodriguez at suse dot de Something like the following patch may help in the meanwhile.. http://stuff.cristianrodriguez.net/patches/setcookie_4_digit_years.patch ------------------------------------------------------------------------ [2008-06-03 19:13:06] crrodriguez at suse dot de IMHO, it should emit a warning and return FALSE, magically limiting the value is clearly the wrong thing. ------------------------------------------------------------------------ [2008-06-02 12:53:57] der...@php.net The formatting is actually a bug... I've started optimizing the algorithm but haven't finished yet. ------------------------------------------------------------------------ [2008-05-31 03:21:01] php at evilcode dot net Description: ------------ setcookie() will happily produce expires times with years greater than 4 digits in length. This violates various RFC's and can also lead to unexpectedly hung scripts (especially on 64-bit). Reproduce code: --------------- This works fine on 32-bit, but will keep the script looping effectively forever formatting the date as GMT on 64-bit. setcookie('test', 'testing', PHP_INT_MAX); Sample patch: http://evilcode.net/sjg/php5.2.6-setcookie-head.c.patch This may not be the right place for this, as there are probably other violators as well. A more general/generic fix may be in order. Expected result: ---------------- Date output should be trimmed to the end of year 9999, possibly a warning presented. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=45141&edit=1
