- Fixed bug #25780 (MFH: ext/session: invalid session.cookie_lifetime causes crash...

diff --git a/NEWS b/NEWS
index 12b0f3d30987efd0b3019c5b078b7bb2fa166c89..4cfb1b5410dfb06dd78afbc5f26f823cce3eddb0 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,8 @@ PHP 4                                                                      NEWS
 ?? Oct 2003, Version 4.3.4RC2
 - Fixed multibyte regex engine to properly handle ".*" pattern under
   POSIX compatible mode. (K.Kosako <kosako at sofnec.co.jp>, Moriyoshi)
+- Fixed bug #25780 (ext/session: invalid "session.cookie_lifetime" makes 
+  session_start() to crash in win32). (Jani)
 - Fixed bug #25770 (Segfault with PHP and bison 1.875). (eggert@gnu.org, Marcus)
 - Fixed bug #25764 (ldap_get_option() crashes with unbound ldap link). (Jani)
 - Fixed bug #25758 (var_export does not escape ' & \ inside array keys). (Ilia)

diff --git a/ext/session/session.c b/ext/session/session.c
index 7955f24ff0d700e24e687d6e1c72a194d0577062..4ff76a95e603f0ea41424c1a23afd54a5d241691 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -857,13 +857,17 @@ static void php_session_send_cookie(TSRMLS_D)
        
        if (PS(cookie_lifetime) > 0) {
                struct timeval tv;
-               
+               time_t t;
+
                gettimeofday(&tv, NULL);
-               date_fmt = php_std_date(tv.tv_sec + PS(cookie_lifetime));
+               t = tv.tv_sec + PS(cookie_lifetime);
                
-               smart_str_appends(&ncookie, COOKIE_EXPIRES);
-               smart_str_appends(&ncookie, date_fmt);
-               efree(date_fmt);
+               if (t > 0) {
+                       date_fmt = php_std_date(t);
+                       smart_str_appends(&ncookie, COOKIE_EXPIRES);
+                       smart_str_appends(&ncookie, date_fmt);
+                       efree(date_fmt);
+               }
        }
 
        if (PS(cookie_path)[0]) {