Fix phpGH-14780: p(f)sockopen overflow on timeout argument.

ext/standard/fsock.c

@@ -73,13 +73,22 @@ static void php_fsockopen_stream(INTERNAL_FUNCTION_PARAMETERS, int persistent)
  }
 
  /* prepare the timeout value for use */
+ if (UNEXPECTED(!(timeout >= 0 && timeout <= LONG_MAX / 1000000))) {
+ if (port > 0) {
+ efree(hostname);
+ }
+ if (hashkey) {
+ efree(hashkey);
+ }
+ zend_argument_value_error(6, "must be between 0 and " ZEND_LONG_FMT, (LONG_MAX / 1000000));
+ RETURN_THROWS();
+ }
 #ifndef PHP_WIN32
  conv = (time_t) (timeout * 1000000.0);
- tv.tv_sec = conv / 1000000;
 #else
  conv = (long) (timeout * 1000000.0);
- tv.tv_sec = conv / 1000000;
 #endif
+ tv.tv_sec = conv / 1000000;
  tv.tv_usec = conv % 1000000;
 
  stream = php_stream_xport_create(hostname, hostname_len, REPORT_ERRORS,

ext/standard/tests/streams/gh14780.phpt

@@ -0,0 +1,19 @@
+--TEST--
+GH-14780: p(f)sockopen overflow on timeout.
+--FILE--
+<?php
+$code = null;
+$err = null;
+try {
+ pfsockopen('udp://127.0.0.1', '63844', $code, $err, (PHP_INT_MAX/1000000)+1);
+} catch (\ValueError $e) {
+ echo $e->getMessage() . PHP_EOL;
+}
+try {
+ pfsockopen('udp://127.0.0.1', '63844', $code, $err, (PHP_INT_MIN/1000000)-1);
+} catch (\ValueError $e) {
+ echo $e->getMessage();
+}
+--EXPECTF--
+pfsockopen(): Argument #6 must be between 0 and %s
+pfsockopen(): Argument #6 must be between 0 and %s