iliaa Wed, 29 Jul 2009 13:44:16 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=286508
Log: Fixed bug #45141 (setcookie will output expires years of >4 digits). Bug: http://bugs.php.net/45141 (Assigned) [PATCH] setcookie will output expires years of >4 digits Changed paths: U php/php-src/branches/PHP_5_2/NEWS U php/php-src/branches/PHP_5_2/ext/standard/head.c U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/standard/head.c U php/php-src/trunk/ext/standard/head.c Modified: php/php-src/branches/PHP_5_2/NEWS =================================================================== --- php/php-src/branches/PHP_5_2/NEWS 2009-07-29 12:50:19 UTC (rev 286507) +++ php/php-src/branches/PHP_5_2/NEWS 2009-07-29 13:44:16 UTC (rev 286508) @@ -69,6 +69,7 @@ (Sriram Natarajan) - Fixed bug #48182 (ssl handshake fails during asynchronous socket connection). (Sriram Natarajan) +- Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia) - Fixed bug #44144 (spl_autoload_functions() should return object instance when appropriate). (Hannes, Etienne) - Fixed bug #42434 (ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot Modified: php/php-src/branches/PHP_5_2/ext/standard/head.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/standard/head.c 2009-07-29 12:50:19 UTC (rev 286507) +++ php/php-src/branches/PHP_5_2/ext/standard/head.c 2009-07-29 13:44:16 UTC (rev 286508) @@ -110,8 +110,18 @@ } else { snprintf(cookie, len + 100, "Set-Cookie: %s=%s", name, value ? encoded_value : ""); if (expires > 0) { + char *p; strlcat(cookie, "; expires=", len + 100); dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0 TSRMLS_CC); + /* check to make sure that the year does not exceed 4 digits in length */ + p = zend_memrchr(dt, '-', strlen(dt)); + if (*(p + 5) != ' ') { + efree(dt); + efree(cookie); + efree(encoded_value); + zend_error(E_WARNING, "Expiry date cannot have a year greater then 9999"); + return FAILURE; + } strlcat(cookie, dt, len + 100); efree(dt); } Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2009-07-29 12:50:19 UTC (rev 286507) +++ php/php-src/branches/PHP_5_3/NEWS 2009-07-29 13:44:16 UTC (rev 286508) @@ -73,6 +73,7 @@ (Pierre) - Fixed bug #45905 (imagefilledrectangle() clipping error). (markril at hotmail dot com, Pierre) +- Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia) - Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo). (Kalle, Rick Yorgason) - Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()). Modified: php/php-src/branches/PHP_5_3/ext/standard/head.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/standard/head.c 2009-07-29 12:50:19 UTC (rev 286507) +++ php/php-src/branches/PHP_5_3/ext/standard/head.c 2009-07-29 13:44:16 UTC (rev 286508) @@ -124,8 +124,18 @@ } else { snprintf(cookie, len + 100, "Set-Cookie: %s=%s", name, value ? encoded_value : ""); if (expires > 0) { + char *p; strlcat(cookie, "; expires=", len + 100); dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0 TSRMLS_CC); + /* check to make sure that the year does not exceed 4 digits in length */ + p = zend_memrchr(dt, '-', strlen(dt)); + if (*(p + 5) != ' ') { + efree(dt); + efree(cookie); + efree(encoded_value); + zend_error(E_WARNING, "Expiry date cannot have a year greater then 9999"); + return FAILURE; + } strlcat(cookie, dt, len + 100); efree(dt); } Modified: php/php-src/trunk/ext/standard/head.c =================================================================== --- php/php-src/trunk/ext/standard/head.c 2009-07-29 12:50:19 UTC (rev 286507) +++ php/php-src/trunk/ext/standard/head.c 2009-07-29 13:44:16 UTC (rev 286508) @@ -125,8 +125,18 @@ } else { snprintf(cookie, len + 100, "Set-Cookie: %s=%s", name, value ? encoded_value : ""); if (expires > 0) { + char *p; strlcat(cookie, "; expires=", len + 100); dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0 TSRMLS_CC); + /* check to make sure that the year does not exceed 4 digits in length */ + p = zend_memrchr(dt, '-', strlen(dt)); + if (*(p + 5) != ' ') { + efree(dt); + efree(cookie); + efree(encoded_value); + zend_error(E_WARNING, "Expiry date cannot have a year greater then 9999"); + return FAILURE; + } strlcat(cookie, dt, len + 100); efree(dt); }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
