From b465c28ee038f93440ebb13ebfbbf529fd8149c7 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 13 Jul 2017 08:57:07 +0300 Subject: [PATCH] sessions: clip max expiry value to a 32bit integer --- include/sessions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/sessions.php b/include/sessions.php index d0532a014..adc973fe7 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -9,7 +9,7 @@ require_once "lib/gettext/gettext.inc"; require_once "version.php"; - $session_expire = max(SESSION_COOKIE_LIFETIME, 86400); + $session_expire = max(SESSION_COOKIE_LIFETIME, 86400) & 0xFFFFFFFF; // clip to 32 bit $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; if (@$_SERVER['HTTPS'] == "on") {