[libgsf] Perform some range checking in gsf_timestamp_load_from_string to avoid crashing in glib. [#702671]



commit 770093c26a6293c9a4a88b8c23981d29bafc6d55
Author: Andreas J Guelzow <aguelzow pyrshep ca>
Date:   Wed Jun 19 11:14:21 2013 -0600

    Perform some range checking in gsf_timestamp_load_from_string to avoid crashing in glib. [#702671]
    
    2013-06-19  Andreas J. Guelzow <aguelzow pyrshep ca>
    
        * gsf/gsf-timestamp.c (gsf_timestamp_load_from_string): perform
        some range checking to avoid crashing in glib.

 ChangeLog           |    5 +++++
 NEWS                |    4 ++++
 gsf/gsf-timestamp.c |   20 ++++++++++++++++----
 3 files changed, 25 insertions(+), 4 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 9a8ddfb..3f712d0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-06-19  Andreas J. Guelzow <aguelzow pyrshep ca>
+
+       * gsf/gsf-timestamp.c (gsf_timestamp_load_from_string): perfrom
+       some range checking to avoid crashing in glib.
+
 2013-04-20  Morten Welinder  <terra gnome org>
 
        * gsf/gsf-infile-msvba.c (gsf_vba_inflate): Plug multiple leaks.
diff --git a/NEWS b/NEWS
index 40f828d..473816b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,9 @@
 libgsf 1.14.27
 
+Andreas:
+       * Perform some range checking in gsf_timestamp_load_from_string
+       to avoid crashing in glib. [#702671] 
+
 Morten:
        * Introspection fixes.
        * Property documentation fixes.
diff --git a/gsf/gsf-timestamp.c b/gsf/gsf-timestamp.c
index 58418fe..5a9de0a 100644
--- a/gsf/gsf-timestamp.c
+++ b/gsf/gsf-timestamp.c
@@ -127,7 +127,7 @@ static time_t gmt_to_local_win32(void)
  *
  * Very simple parser for time stamps.  Currently requires a format of
  *     'YYYY-MM-DDThh:mm:ss'
- * and does no bounds checking.
+ * and does only rudimentary range checking
  *
  * Since: 1.14.24
  *
@@ -136,15 +136,27 @@ static time_t gmt_to_local_win32(void)
 int
 gsf_timestamp_load_from_string (GsfTimestamp *stamp, char const *spec)
 {
-       int year, month, day, hour, minute, second;
+       guint year, month, day, hour, minute;
+       float second;
        GDateTime *dt;
 
        /* 'YYYY-MM-DDThh:mm:ss' */
-       if (6 != sscanf (spec, "%d-%d-%dT%d:%d:%d",
+       if (6 != sscanf (spec, "%u-%u-%uT%u:%u:%f",
                         &year, &month, &day, &hour, &minute, &second))
                return FALSE;
 
-       dt = g_date_time_new_utc (year, month, day, hour, minute, second);
+       /* g_date_time_new_utc documentation says: */
+       /* It not considered a programmer error for the values to this function to be out of range,*/
+       /* but in the case that they are, the function will return NULL. */
+       /* Nevertheless it seems to fail on values that are extremely out of range, see bug #702671 */
+       if (second < 0.0 || second >= 60.0)
+               return FALSE;
+       if (minute > 59 || hour > 23)
+               return FALSE;
+       if (day > 32 || month > 12 || year > 9999)
+               return FALSE;
+
+       dt = g_date_time_new_utc ((int)year, (int)month, (int)day, (int)hour, (int)minute, second);
        if (!dt)
                return FALSE;
 
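Review bot: The new seconds test `if (second < 0.0 || second >= 60.0)` does not reject NaN: `%f` accepts the text `nan`, and both comparisons are false for NaN, so the value still reaches g_date_time_new_utc. If spec can come from a parsed document, as seems likely for a timestamp loader, write the test in its positive form, `if (!(second >= 0.0 && second < 60.0)) return FALSE;`. The date test `day > 32 || month > 12 || year > 9999` also lets day 32 and zero for day, month and year through, leaving those to glib. Using `day < 1 || day > 31 || month < 1 || month > 12 || year < 1 || year > 9999` would keep the whole range decision in this function. The function body continues past the end of the hunk.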

