Skip to content

Fix GH-18422: int overflow in php_date_llabs#21638

Closed
iliaal wants to merge 2 commits into
php:PHP-8.4from
iliaal:fix/gh-18422-date-llabs-overflow
Closed

Fix GH-18422: int overflow in php_date_llabs#21638
iliaal wants to merge 2 commits into
php:PHP-8.4from
iliaal:fix/gh-18422-date-llabs-overflow

Conversation

@iliaal
Copy link
Copy Markdown
Contributor

@iliaal iliaal commented Apr 4, 2026

php_date_llabs negates with -i, which is UB when i is LLONG_MIN. Cast to unsigned long long before negating and changed the return type to match. Updated Y/x/X format call sites from %lld to %llu.

Fixes #18422

@iliaal iliaal requested a review from derickr as a code owner April 4, 2026 15:03
@iliaal iliaal mentioned this pull request Apr 4, 2026
Closed
iluuu1994
iluuu1994 reviewed Apr 4, 2026
View reviewed changes
Comment thread ext/date/php_date.c Outdated
@iliaal iliaal force-pushed the fix/gh-18422-date-llabs-overflow branch 2 times, most recently from de9d934 to 2f19e2f Compare April 4, 2026 20:05
@iliaal iliaal requested a review from iluuu1994 April 4, 2026 20:45
iluuu1994
iluuu1994 approved these changes Apr 4, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@iluuu1994 iluuu1994 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but Derick is codeowner.

@iliaal iliaal force-pushed the fix/gh-18422-date-llabs-overflow branch from 2f19e2f to 6bdb3cb Compare May 18, 2026 11:06
@iliaal iliaal changed the base branch from master to PHP-8.4 May 18, 2026 11:06
@iliaal iliaal force-pushed the fix/gh-18422-date-llabs-overflow branch 2 times, most recently from eae5780 to 50aaf05 Compare May 18, 2026 12:01
iliaal added 2 commits May 18, 2026 09:15
@iliaal
ext/date: build with -fwrapv to define signed-overflow wrap behavior
9bd48f3 
Year arithmetic in timelib (tm2unixtime) overflows int64_t under
extreme inputs such as PHP_INT_MIN years. The result is undefined
behavior detected by UBSan. Compile ext/date with -fwrapv so the
wrap is well-defined.
@iliaal
Fix phpGH-18422: int overflow in php_date_llabs
134769d 
php_date_llabs negated its argument with -i, which is UB when i is
LLONG_MIN. Cast to uint64_t before negating and use stdint types
throughout. Updated Y/x/X format call sites to PRIu64.

Closes phpGH-18422
@iliaal iliaal force-pushed the fix/gh-18422-date-llabs-overflow branch from 50aaf05 to 134769d Compare May 18, 2026 13:18
derickr
derickr approved these changes May 18, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@derickr derickr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@iliaal iliaal closed this in 09ca095 May 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@derickr derickr derickr approved these changes

@iluuu1994 iluuu1994 iluuu1994 approved these changes

Assignees

No one assigned

Labels

Category: Build System Extension: date

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

int overflow in Date extension

3 participants

@iliaal @derickr @iluuu1994