strftime/1: fix validation of non-string argument with number input

There was a incorrect else, that caused jq to not ensure that the argument to strftime/1 is a string; this ends up calling jv_string_value on a non-string value, which does not work, and causes an assert failure. In this commit, I also remove some unnecessary else. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67403
emanuele6 · Mar 15, 2024 · a3a2aeb · a3a2aeb
1 parent c95b34f
commit a3a2aeb
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/src/builtin.c b/src/builtin.c
@@ -1597,11 +1597,11 @@ static jv f_strftime(jq_state *jq, jv a, jv b) {
       jv_free(b);
       return a;
     }
-  } else if (jv_get_kind(a) != JV_KIND_ARRAY) {
+  }
+  if (jv_get_kind(a) != JV_KIND_ARRAY)
     return ret_error2(a, b, jv_string("strftime/1 requires parsed datetime inputs"));
-  } else if (jv_get_kind(b) != JV_KIND_STRING) {
+  if (jv_get_kind(b) != JV_KIND_STRING)
     return ret_error2(a, b, jv_string("strftime/1 requires a string format"));
-  }
   struct tm tm;
   if (!jv2tm(a, &tm))
     return ret_error(b, jv_string("strftime/1 requires parsed datetime inputs"));

diff --git a/tests/jq.test b/tests/jq.test
@@ -1580,6 +1580,11 @@ try mktime catch .
 ["a",1,2,3,4,5,6,7]
 "mktime requires parsed datetime inputs"
 
+# oss-fuzz #67403: non-string argument with number input fails assert
+try ["OK", strftime([])] catch ["KO", .]
+0
+["KO","strftime/1 requires parsed datetime inputs"]
+
 # module system
 import "a" as foo; import "b" as bar; def fooa: foo::a; [fooa, bar::a, bar::b, foo::a]
 null