[2009-09-18 08:49 UTC] aharvey@php.net

Description:
------------
The buffer allocated within date_format() isn't long enough for RFC 2822 formatted dates (format string 'r') when the year requires five or more characters to be represented, which causes the output to be truncated. ISO 8601 dates ('c') are also affected, but only in the absolute extreme case, as demonstrated below.

The na?ve approach is obviously to extend the buffer size, and the patch (against the current PHP_5_3 checkout) at http://www.adamharvey.name/stuff/date-format-buffer.patch extends it far enough to cover all possible contingencies on common platforms -- since date_format() casts the year to a signed int when it calls slprintf(), the longest possible value that needs to be catered for in the year field is -2147483648 on any platform where int is 32 bit, which is pretty much all of them.

Reproduce code:
---------------
<?php
$date = new DateTime('-1500-01-01');
var_dump($date->format('r'));

$date->setDate(pow(2, 31), 1, 1);
var_dump($date->format('r'));
var_dump($date->format('c'));
?>

Expected result:
----------------
string(32) "Sat, 01 Jan -1500 00:00:00 +0800"
string(38) "Wed, 01 Jan -2147483648 00:00:00 +0800"
string(32) "-2147483648-01-01T00:00:00+08:00"

Actual result:
--------------
string(31) "Sat, 01 Jan -1500 00:00:00 +080"
string(31) "Wed, 01 Jan -2147483648 00:00:0"
string(31) "-2147483648-01-01T00:00:00+08:0"