luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-03-26 09:30:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

gdatetime: Factor out an undersized variable

Browse Source 
For long input strings, it would have been possible for `i` to overflow.
Avoid that problem by using the `tz_length` instead, so that we count up
rather than down.

This commit introduces no functional changes (outside of changing
undefined behaviour), and can be verified using the identity
`i === length - tz_length`.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
This commit is contained in:
Philip Withnall 2025-02-18 17:28:33 +00:00
parent 3672764a17
commit 0ffdbebd9a
No known key found for this signature in database
GPG Key ID: C5C42CFB268637CA
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
glib/gdatetime.c
View File

@ -1395,7 +1395,7 @@ static GTimeZone *
parse_iso8601_timezone (const gchar *text, gsize length, size_t *tz_offset)
{
size_t tz_length;
gint i, offset_hours, offset_minutes;
gint offset_hours, offset_minutes;
gint offset_sign = 1;
GTimeZone *tz;
const char *tz_start;
@ -1408,16 +1408,15 @@ parse_iso8601_timezone (const gchar *text, gsize length, size_t *tz_offset)
}
/* Look for '+' or '-' of offset */
for (i = length - 1; i >= 0; i--)
if (text[i] == '+' || text[i] == '-')
for (tz_length = 1; tz_length <= length; tz_length++)
if (text[length - tz_length] == '+' || text[length - tz_length] == '-')
{
offset_sign = text[i] == '-' ? -1 : 1;
offset_sign = text[length - tz_length] == '-' ? -1 : 1;
break;
}
if (i < 0)
if (tz_length > length)
return NULL;
tz_start = text + i;
tz_length = length - i;
tz_start = text + length - tz_length;
/* +hh:mm or -hh:mm */
if (tz_length == 6 && tz_start[3] == ':')