Throw on negative setcookie expiration timestamp

Fixes GH-10765

NEWS

@@ -130,6 +130,7 @@ PHP                                                                        NEWS
   . password_hash() will now chain the original RandomException to the ValueError
     on salt generation failure. (timwolla)
   . Fix GH-10239 (proc_close after proc_get_status always returns -1). (nielsdos)
+  . Fix GH-10765 (Throw on negative setcookie expiration date). (ilutov)
 
 - Streams:
   . Fixed bug #51056: blocking fread() will block even if data is available.

Zend/tests/gh10765_1.phpt

@@ -0,0 +1,17 @@
+--TEST--
+GH-10765: Throw on negative cookie expiration timestamp
+--INI--
+date.timezone=UTC
+--FILE--
+<?php
+
+try {
+    setcookie("name", "value", -1);
+} catch (Error $e) {
+    echo $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+setcookie(): "expires" option cannot be negative
+--EXPECTHEADERS--

Zend/tests/gh10765_2.phpt

@@ -0,0 +1,17 @@
+--TEST--
+GH-10765: Throw on negative cookie expiration timestamp
+--INI--
+date.timezone=UTC
+--FILE--
+<?php
+
+try {
+    setcookie("name", "value", ['expires' => -1]);
+} catch (Error $e) {
+    echo $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+setcookie(): "expires" option cannot be negative
+--EXPECTHEADERS--

ext/standard/head.c

@@ -161,6 +161,8 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
 
 			smart_str_appends(&buf, COOKIE_MAX_AGE);
 			smart_str_append_long(&buf, (zend_long) diff);
+		} else if (UNEXPECTED(expires < 0)) {
+			zend_value_error("%s(): \"expires\" option cannot be negative", get_active_function_name());
 		}
 	}