ID: 15362 Updated by: [EMAIL PROTECTED] -Reported By: [EMAIL PROTECTED] +Reported By: [EMAIL PROTECTED] Status: Open Bug Type: Date/time related Operating System: Linux 6.2 and 7.2 PHP Version: 4.1.1 New Comment:
This is a bug in the ext/standard/datetime.c php_date function. here is the diff *** php-4.1.1/ext/standard/datetime.c.orig Thu Feb 7 23:01:22 2002 --- php-4.1.1/ext/standard/datetime.c Thu Feb 7 23:02:09 2002 *************** *** 449,453 **** case 'O': /* GMT offset in [+-]HHMM format */ #if HAVE_TM_GMTOFF ! sprintf(tmp_buff, "%c%02d%02d", (ta->tm_gmtoff < 0) ? '-' : '+', abs(ta->tm_gmtoff / 3600), abs( ta->tm_gmtoff % 3600)); #else sprintf(tmp_buff, "%c%02d%02d", ((ta->tm_isdst ? tzone - 3600:tzone)>0)?'-':'+', abs((ta->tm_isdst ? tzone - 3600 : tzone) / 3600), abs((ta->tm_isdst ? tzone - 3600 : tzone) % 3600)); --- 449,453 ---- case 'O': /* GMT offset in [+-]HHMM format */ #if HAVE_TM_GMTOFF ! sprintf(tmp_buff, "%c%02d%02d", (ta->tm_gmtoff < 0) ? '-' : '+', abs(ta->tm_gmtoff / 3600), abs( ( ta->tm_gmtoff % 3600 ) / 60 )); #else sprintf(tmp_buff, "%c%02d%02d", ((ta->tm_isdst ? tzone - 3600:tzone)>0)?'-':'+', abs((ta->tm_isdst ? tzone - 3600 : tzone) / 3600), abs((ta->tm_isdst ? tzone - 3600 : tzone) % 3600)); *************** *** 500,504 **** (ta->tm_gmtoff < 0) ? '-' : '+', abs(ta->tm_gmtoff / 3600), ! abs( ta->tm_gmtoff % 3600) ); #else --- 500,504 ---- (ta->tm_gmtoff < 0) ? '-' : '+', abs(ta->tm_gmtoff / 3600), ! abs( (ta->tm_gmtoff % 3600) / 60 ) ); #else Previous Comments: ------------------------------------------------------------------------ [2002-02-03 21:12:13] [EMAIL PROTECTED] I have tested both PHP 4.1.1 and PHP 4.05 and the following occurs for both. The date('r') call returns the wrong timezone offset (in my case "+101800") which causes a buffer overflow in datetime.c The date("Z") call correctly returns the timezone offset number of seconds (630 in my case). The undocumented (in the PHP manual anyway) option to strftime('%z') returns the correct value of +1030. The timezone abbreviation ("CST" in my case) is correctly returned with both the strftime("%Z") and date("T") calls. This will often cause the process to seg fault and die, althought on more complex pages, this becomes quite consistant. With the PHP compile option '--enable-debug', the following is reported in the Apache error log: --------------------------------------- zend_execute_API.c(274) : Block 0x0813EDA0 status: zend_variables.c(44) : Actual location (location was relayed) Beginning: OK (allocated on datetime.c:331, 32 bytes) End: Overflown (magic=0x2A8F0030 instead of 0x2A8FCC84) 2 byte(s) overflown --------------------------------------- For PHP 4.1.1 the configure line is: ./configure --with-mysql=/usr/local/mysql --enable-track-vars --with-apxs=/usr/local/apache/bin/apxs --with-config-file-path=/usr/local/apache/conf --enable-bcmath --with-zlib --with-xml --with-gettext --with-imap=../imap --with-mcrypt --with-ldap=/usr/local --enable-ftp --without-gd --enable-debug (Will be used for Horde's IMP webmail system) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=15362&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php