Commit 7246dfff authored by Eric Lubin's avatar Eric Lubin Committed by Daniel Stenberg
Browse files

parsedate: avoid integer overflow 

In C, signed integer overflow is undefined behavior. Thus, the compiler
is allowed to assume that it will not occur. In the check for an
overflow, the developer assumes that the signed integer of type time_t
will wrap around if it overflows. However, this behavior is undefined in
the C standard. Thus, when the compiler sees this, it simplifies t +
delta < t to delta < 0. Since delta > 0 and delta < 0 can't both be
true, the entire if statement is optimized out under certain
optimization levels. Thus, the parsedate function would return
PARSEDATE_OK with an undefined value in the time, instead of return -1 =
PARSEDATE_FAIL.
parent 41d21e46

lib/parsedate.c

+2 −2
Original line number Original line Diff line number Diff line
@@ -5,7 +5,7 @@ 
 *                            | (__| |_| |  _ <| |___

 *                            | (__| |_| |  _ <| |___

 *                             \___|\___/|_| \_\_____|

 *                             \___|\___/|_| \_\_____|

 *

 *

 * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.

 * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.

 *

 *

 * This software is licensed as described in the file COPYING, which

 * This software is licensed as described in the file COPYING, which

 * you should have received as part of this distribution. The terms

 * you should have received as part of this distribution. The terms
@@ -526,7 +526,7 @@ static int parsedate(const char *date, time_t *output) 
    /* Add the time zone diff between local time zone and GMT. */

    /* Add the time zone diff between local time zone and GMT. */

    long delta = (long)(tzoff!=-1?tzoff:0);

    long delta = (long)(tzoff!=-1?tzoff:0);





    if((delta>0) && (t + delta < t))

    if((delta>0) && (t > LONG_MAX  - delta))

      return -1; /* time_t overflow */

      return -1; /* time_t overflow */





    t += delta;

    t += delta;