If the string is too shhort we don't want to atoi() whatever is beyond
the end of it.
Found using Honggfuzz and the fuzz_parse_lpq_entry fuzzer.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 5 05:07:13 UTC 2021 on sn-devel-184
}
if ( atoi(time_string) < 24 ){
+ if (strlen(time_string) < 7) {
+ return (time_t)-1;
+ }
t->tm_hour = atoi(time_string);
t->tm_min = atoi(time_string+3);
t->tm_sec = atoi(time_string+6);
} else {
+ if (strlen(time_string) < 18) {
+ return (time_t)-1;
+ }
t->tm_year = atoi(time_string)-1900;
t->tm_mon = atoi(time_string+5)-1;
t->tm_mday = atoi(time_string+8);