From fdcfd62b9b27c59ec6da607f3d61cdb1715e3195 Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Mon, 22 Jul 2024 16:08:55 +0200
Subject: [PATCH] Fix passing non-finite timeout values in stream functions

Closes GH-15061.
---
 NEWS                                          |  3 ++
 ext/standard/streamsfuncs.c                   |  6 ++++
 .../tests/streams/non_finite_values.phpt      | 31 +++++++++++++++++++
 3 files changed, 40 insertions(+)
 create mode 100644 ext/standard/tests/streams/non_finite_values.phpt

diff --git a/NEWS b/NEWS
index 828a8fdff31..ecd04bac449 100644
--- a/NEWS
+++ b/NEWS
@@ -20,6 +20,9 @@ PHP                                                                        NEWS
 - Soap:
   . Fixed bug #55639 (Digest autentication dont work). (nielsdos)
 
+- Standard:
+  . Fix passing non-finite timeout values in stream functions. (nielsdos)
+
 - Streams:
   . Fixed bug GH-15028 (Memory leak in ext/phar/stream.c). (nielsdos)
   . Fixed bug GH-15034 (Integer overflow on stream_notification_callback
diff --git a/ext/standard/streamsfuncs.c b/ext/standard/streamsfuncs.c
index 53fa8d33dad..18e80ddda32 100644
--- a/ext/standard/streamsfuncs.c
+++ b/ext/standard/streamsfuncs.c
@@ -127,6 +127,9 @@ PHP_FUNCTION(stream_socket_client)
 
 	if (timeout_is_null) {
 		timeout = (double)FG(default_socket_timeout);
+	} else if (!zend_finite(timeout)) {
+		zend_argument_value_error(4, "must be a finite value");
+		RETURN_THROWS();
 	}
 
 	context = php_stream_context_from_zval(zcontext, flags & PHP_FILE_NO_DEFAULT_CONTEXT);
@@ -279,6 +282,9 @@ PHP_FUNCTION(stream_socket_accept)
 
 	if (timeout_is_null) {
 		timeout = (double)FG(default_socket_timeout);
+	} else if (!zend_finite(timeout)) {
+		zend_argument_value_error(2, "must be a finite value");
+		RETURN_THROWS();
 	}
 
 	php_stream_from_zval(stream, zstream);
diff --git a/ext/standard/tests/streams/non_finite_values.phpt b/ext/standard/tests/streams/non_finite_values.phpt
new file mode 100644
index 00000000000..5dba0d3b482
--- /dev/null
+++ b/ext/standard/tests/streams/non_finite_values.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Non-finite timeout values in stream functions
+--FILE--
+<?php
+$socket = stream_socket_server("tcp://0.0.0.0:14781", $errno, $errstr);
+foreach ([NAN, -NAN, INF, -INF] as $value) {
+    try {
+        stream_socket_accept($socket, $value);
+    } catch (ValueError $e) {
+        echo $e->getMessage(), "\n";
+    }
+}
+fclose($socket);
+
+foreach ([NAN, -NAN, INF, -INF] as $value) {
+    try {
+        stream_socket_client("tcp://0.0.0.0:14781", timeout: $value);
+    } catch (ValueError $e) {
+        echo $e->getMessage(), "\n";
+    }
+}
+?>
+--EXPECT--
+stream_socket_accept(): Argument #2 ($timeout) must be a finite value
+stream_socket_accept(): Argument #2 ($timeout) must be a finite value
+stream_socket_accept(): Argument #2 ($timeout) must be a finite value
+stream_socket_accept(): Argument #2 ($timeout) must be a finite value
+stream_socket_client(): Argument #4 ($timeout) must be a finite value
+stream_socket_client(): Argument #4 ($timeout) must be a finite value
+stream_socket_client(): Argument #4 ($timeout) must be a finite value
+stream_socket_client(): Argument #4 ($timeout) must be a finite value