ID: 45141 Comment by: crrodriguez at suse dot de Reported By: php at evilcode dot net Status: Assigned Bug Type: Date/time related Operating System: FreeBSD/Linux PHP Version: 5.2.6 Assigned To: derick New Comment:
Something like the following patch may help in the meanwhile.. http://stuff.cristianrodriguez.net/patches/setcookie_4_digit_years.patch Previous Comments: ------------------------------------------------------------------------ [2008-06-03 19:13:06] crrodriguez at suse dot de IMHO, it should emit a warning and return FALSE, magically limiting the value is clearly the wrong thing. ------------------------------------------------------------------------ [2008-06-02 12:53:57] [EMAIL PROTECTED] The formatting is actually a bug... I've started optimizing the algorithm but haven't finished yet. ------------------------------------------------------------------------ [2008-05-31 03:21:01] php at evilcode dot net Description: ------------ setcookie() will happily produce expires times with years greater than 4 digits in length. This violates various RFC's and can also lead to unexpectedly hung scripts (especially on 64-bit). Reproduce code: --------------- This works fine on 32-bit, but will keep the script looping effectively forever formatting the date as GMT on 64-bit. setcookie('test', 'testing', PHP_INT_MAX); Sample patch: http://evilcode.net/sjg/php5.2.6-setcookie-head.c.patch This may not be the right place for this, as there are probably other violators as well. A more general/generic fix may be in order. Expected result: ---------------- Date output should be trimmed to the end of year 9999, possibly a warning presented. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=45141&edit=1