calendarspec: fix possible integer overflow

author Yu Watanabe <watanabe.yu+github@gmail.com>

Sun, 7 Apr 2019 15:37:31 +0000 (00:37 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Sun, 7 Apr 2019 15:50:07 +0000 (00:50 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Sun, 7 Apr 2019 15:37:31 +0000 (00:37 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Sun, 7 Apr 2019 15:50:07 +0000 (00:50 +0900)
diff --git a/src/shared/calendarspec.c b/src/shared/calendarspec.c

index 7caf7c64c39fe06f9a7f429ac3b86e4f6b1fee02..d83e7962a650503a7d03e08973eda8cdb44d1b17 100644 (file)
--- a/src/shared/calendarspec.c
+++ b/src/shared/calendarspec.c
@@ -579,6 +579,9 @@ static int calendarspec_from_time_t(CalendarSpec *c, time_t time) {
          if (!gmtime_r(&time, &tm))
                  return -ERANGE;
  
+        if (tm.tm_year > INT_MAX - 1900)
+                return -ERANGE;
+
          r = const_chain(tm.tm_year + 1900, &year);
          if (r < 0)
                  return r;
diff --git a/test/fuzz/fuzz-calendarspec/oss-fuzz-14108 b/test/fuzz/fuzz-calendarspec/oss-fuzz-14108

new file mode 100644 (file)

index 0000000..6899c23
--- /dev/null
+++ b/test/fuzz/fuzz-calendarspec/oss-fuzz-14108
@@ -0,0 +1 @@
+@67767992554749550
+\ No newline at end of file
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Sun, 7 Apr 2019 15:37:31 +0000 (00:37 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Sun, 7 Apr 2019 15:50:07 +0000 (00:50 +0900)
src/shared/calendarspec.c		patch \| blob \| blame \| history
test/fuzz/fuzz-calendarspec/oss-fuzz-14108	[new file with mode: 0644]	patch \| blob