>Number: 1342
>Category: mod_usertrack
>Synopsis: year-3000 bug in two-digit cookie expiration years
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Fri Oct 31 13:30:01 PST 1997
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2.4
>Environment:
SunOS shade.twinsun.com 5.6 Generic sun4u sparc SUNW,Ultra-1
>Description:
There's a year-3000 bug in the two-digit years in cookie expiration dates.
In 3000, tm_year is 200, so subtracting 100 stops working.
I know, I know, I'm being picky, but you'll thank me on Jan 1, 3000,
when you're running Apache on your 64-bit time_t host!
>How-To-Repeat:
>Fix:
--- mod_usertrack.c 1997/03/07 14:15:45 1.2.4.0
+++ mod_usertrack.c 1997/10/31 21:19:05 1.2.4.1
@@ -176,5 +176,5 @@ void make_cookie(request_rec *r)
COOKIE_NAME, cookiebuf, days[tms->tm_wday],
tms->tm_mday, month_snames[tms->tm_mon],
- (tms->tm_year >= 100) ? tms->tm_year - 100 : tms->tm_year,
+ tms->tm_year % 100,
tms->tm_hour, tms->tm_min, tms->tm_sec);
}
%0
>Audit-Trail:
>Unformatted:
