[libxslt] Fix float casts in exsltDateDuration



commit 6df1b708bd02f05c6d85ddddc1ca7f5450ebc5ea
Author: Nick Wellnhofer <wellnhofer aevum de>
Date:   Fri Mar 8 12:59:09 2019 +0100

    Fix float casts in exsltDateDuration
    
    Add range check before converting double to long to avoid undefined
    behavior.
    
    Found with libFuzzer and UBSan.

 libexslt/date.c                 | 7 +++++--
 tests/exslt/date/duration.2.out | 2 ++
 tests/exslt/date/duration.2.xml | 1 +
 3 files changed, 8 insertions(+), 2 deletions(-)
---
diff --git a/libexslt/date.c b/libexslt/date.c
index 6a3eb584..32c9db70 100644
--- a/libexslt/date.c
+++ b/libexslt/date.c
@@ -3106,14 +3106,17 @@ exsltDateDuration (const xmlChar *number)
     else
         secs = xmlXPathCastStringToNumber(number);
 
-    if ((xmlXPathIsNaN(secs)) || (xmlXPathIsInf(secs)))
+    if (xmlXPathIsNaN(secs))
+        return NULL;
+
+    days = floor(secs / SECS_PER_DAY);
+    if ((days <= LONG_MIN) || (days >= LONG_MAX))
         return NULL;
 
     dur = exsltDateCreateDuration();
     if (dur == NULL)
         return NULL;
 
-    days = floor(secs / SECS_PER_DAY);
     dur->day = (long)days;
     dur->sec = secs - days * SECS_PER_DAY;
 
diff --git a/tests/exslt/date/duration.2.out b/tests/exslt/date/duration.2.out
index 688b1768..87505d55 100644
--- a/tests/exslt/date/duration.2.out
+++ b/tests/exslt/date/duration.2.out
@@ -12,4 +12,6 @@ result   :
 duration : P10Y10Y
 result   : 
 duration : P10.0Y
+result   : 
+duration : 9999999999999999999999999
 result   : 
\ No newline at end of file
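Review bot: The new fixture only exercises the positive overflow branch of the range check; the `days <= LONG_MIN` side added in the same commit has no test. Adding a mirrored negative input to duration.2.xml, e.g. `<date seconds="-9999999999999999999999999"/>` (a constructed sample), together with the corresponding empty `result` line in this .out file, would cover both directions of the check. The missing trailing newline in this expected-output file is unchanged by the commit and is presumably intentional.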
diff --git a/tests/exslt/date/duration.2.xml b/tests/exslt/date/duration.2.xml
index 5bc250e0..d81f21d2 100644
--- a/tests/exslt/date/duration.2.xml
+++ b/tests/exslt/date/duration.2.xml
@@ -8,5 +8,6 @@
  <date seconds="P10Y10H"/>
  <date seconds="P10Y10Y"/>
  <date seconds="P10.0Y"/>
+ <date seconds="9999999999999999999999999"/>
 </page>
 

