Permalink
Browse files

parsedate.c: fix a numeric overflow

  • Loading branch information...
1 parent 97b66eb commit e8a32438c24f2e67944666ff22dbbba829ccaf2a @yangtse yangtse committed Mar 22, 2012
Showing with 23 additions and 2 deletions.
  1. +23 −2 lib/parsedate.c
View
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -75,6 +75,10 @@
#include "setup.h"
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
#include <curl/curl.h>
#include "rawstr.h"
#include "warnless.h"
@@ -392,7 +396,24 @@ static int parsedate(const char *date, time_t *output)
secnum = 0;
}
else {
- val = curlx_sltosi(strtol(date, &end, 10));
+ long lval;
+ int error;
+ int old_errno;
+
+ old_errno = ERRNO;
+ SET_ERRNO(0);
+ lval = strtol(date, &end, 10);
+ error = ERRNO;
+ if(error != old_errno)
+ SET_ERRNO(old_errno);
+
+ if(error)
+ return PARSEDATE_FAIL;
+
+ if((lval > (long)INT_MAX) || (lval < (long)INT_MIN))
+ return PARSEDATE_FAIL;
+
+ val = curlx_sltosi(lval);
if((tzoff == -1) &&
((end - date) == 4) &&

0 comments on commit e8a3243

Please sign in to comment.