From 727529214b0cbb0fe41100942a744d6571e48cd5 Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Tue, 17 Sep 2024 19:43:42 +0100
Subject: [PATCH] Fix GH-15937: stream timeout option overflow.

---
 ext/standard/tests/streams/gh15937.phpt | 14 ++++++++++++++
 main/php_network.h                      |  2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 ext/standard/tests/streams/gh15937.phpt

diff --git a/ext/standard/tests/streams/gh15937.phpt b/ext/standard/tests/streams/gh15937.phpt
new file mode 100644
index 0000000000000..7293cce247cc4
--- /dev/null
+++ b/ext/standard/tests/streams/gh15937.phpt
@@ -0,0 +1,14 @@
+--TEST--
+GH-15937 (stream overflow on timeout setting)
+--FILE--
+<?php
+$config = [
+    'http' => [
+        'timeout'		=> PHP_INT_MAX,
+    ],
+];
+$ctx = stream_context_create($config);
+var_dump(fopen("http://example.com", "r", false, $ctx));
+?>
+--EXPECTF--
+resource(%d) of type (stream)
diff --git a/main/php_network.h b/main/php_network.h
index a3b7ba7ab3180..a109d67e56bb6 100644
--- a/main/php_network.h
+++ b/main/php_network.h
@@ -162,7 +162,7 @@ PHPAPI int php_poll2(php_pollfd *ufds, unsigned int nfds, int timeout);
 /* timeval-to-timeout (for poll(2)) */
 static inline int php_tvtoto(struct timeval *timeouttv)
 {
-	if (timeouttv) {
+	if (timeouttv && timeouttv->tv_sec >= 0 && timeouttv->tv_sec <= (INT_MAX / 1000)) {
 		return (timeouttv->tv_sec * 1000) + (timeouttv->tv_usec / 1000);
 	}
 	return -1;