gdatetime: Fix potential integer overflow in timezone offset handling

This one is much harder to trigger than the one in the previous commit,
but mixing `gssize` and `gsize` always runs the risk of the former
overflowing for very (very very) long input strings.

Avoid that possibility by not using the sign of the `tz_offset` to
indicate its validity, and instead using the return value of the
function.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
Philip Withnall 2025-02-18 16:51:36 +00:00
parent 8d60d7dc16
commit 2fa1e18361
No known key found for this signature in database
GPG Key ID: C5C42CFB268637CA


@ -1389,8 +1389,10 @@ parse_iso8601_date (const gchar *text, gsize length,
return FALSE;
}
/* Value returned in tz_offset is valid if and only if the function return value
* is non-NULL. */
static GTimeZone *
parse_iso8601_timezone (const gchar *text, gsize length, gssize *tz_offset)
parse_iso8601_timezone (const gchar *text, gsize length, size_t *tz_offset)
{
gint i, tz_length, offset_hours, offset_minutes;
gint offset_sign = 1;
@ -1458,11 +1460,11 @@ static gboolean
parse_iso8601_time (const gchar *text, gsize length,
gint *hour, gint *minute, gdouble *seconds, GTimeZone **tz)
{
gssize tz_offset = -1;
size_t tz_offset = 0;
/* Check for timezone suffix */
*tz = parse_iso8601_timezone (text, length, &tz_offset);
if (tz_offset >= 0)
if (*tz != NULL)
length = tz_offset;
/* hh:mm:ss(.sss) */
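Review bot: `length = tz_offset;` under the new `if (*tz != NULL)` in parse_iso8601_time trusts the callee's output without bounding it against the incoming `length`, and nothing in this hunk guarantees the relation; parse_iso8601_timezone's body is outside the hunk, so whether it can ever hand back an offset beyond the end of `text` is inferred, but if it did the hh:mm:ss parse that follows would run with a `length` larger than the buffer it was given. Since the callee is `static` in the same file, a cheap internal check pins the contract the new comment promises: `g_assert (tz_offset <= length);` placed directly before the assignment. The two-line comment added above parse_iso8601_timezone in the first hunk says when `tz_offset` is valid but not what it measures; from its use as the new `length` it is presumably the number of bytes of `text` that precede the timezone suffix, and stating that in the same comment (confirmed against the body) would save the next reader the inference. parse_iso8601_time continues past the end of this hunk.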