luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-11-10 11:26:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ossfuzz-28718-date-normalization' into 'master'

Browse Source 
gdate: Limit length of dates which can be parsed as valid

See merge request GNOME/glib!1821
This commit is contained in:
Sebastian Dröge 2020-12-21 17:48:45 +00:00
commit 8f590df123
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
glib/gdate.c
View File

@ -1229,14 +1229,21 @@ g_date_set_parse (GDate *d,
{
GDateParseTokens pt;
guint m = G_DATE_BAD_MONTH, day = G_DATE_BAD_DAY, y = G_DATE_BAD_YEAR;
gsize str_len;
g_return_if_fail (d != NULL);
/* set invalid */
g_date_clear (d, 1);
/* Anything longer than this is ridiculous and could take a while to normalize.
* This limit is chosen arbitrarily. */
str_len = strlen (str);
if (str_len > 200)
return;
/* The input has to be valid UTF-8. */
if (!g_utf8_validate (str, -1, NULL))
if (!g_utf8_validate_len (str, str_len, NULL))
return;
G_LOCK (g_date_global);

4
glib/tests/date.c
View File

@ -191,6 +191,10 @@ test_parse_invalid (void)
{
/* Incomplete UTF-8 sequence */
"\xfd",
/* Ridiculously long input */
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"
"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
};
gsize i;