Mercurial > gnulib
changeset 17624:3cf8cbc50647
parse-datetime: fix crash or infloop in TZ="" parsing
This was reported in http://bugs.gnu.org/16872
from the coreutils command: date -d 'TZ="""'
The infinite loop for this case was present since the
initial TZ="" parsing support in commit de95bdc2 29-10-2004.
This was changed to a crash or heap corruption depending
on the platform with commit 2e3e4195 18-01-2010.
* lib/parse-datetime.y (parse_datetime): Break out of the
TZ="" parsing loop once the second significant " is found.
Also skip over any subsequent whitespace to be consistent
with the non TZ= case.
* tests/test-parse-datetime.c: Add test cases for TZ="" parsing.
| author | Pádraig Brady <P@draigBrady.com> |
|---|---|
| date | Tue, 25 Feb 2014 10:58:48 +0000 |
| parents | 90bd1e522c10 |
| children | e2f490eebebe |
| files | ChangeLog lib/parse-datetime.y tests/test-parse-datetime.c |
| diffstat | 3 files changed, 30 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Wed Feb 26 23:58:18 2014 -0800 +++ b/ChangeLog Tue Feb 25 10:58:48 2014 +0000 @@ -1,3 +1,12 @@ +2014-02-26 Pádraig Brady <P@draigBrady.com> + + parse-datetime: fix crash or infloop in TZ="" parsing + * lib/parse-datetime.y (parse_datetime): Break out of the + TZ="" parsing loop once the second significant " is found. + Also skip over any subsequent whitespace to be consistent + with the non TZ= case. + * tests/test-parse-datetime.c: Add test cases for TZ="" parsing. + 2014-02-26 Paul Eggert <eggert@cs.ucla.edu> savedir: new symbol for fast-read version
--- a/lib/parse-datetime.y Wed Feb 26 23:58:18 2014 -0800 +++ b/lib/parse-datetime.y Tue Feb 25 10:58:48 2014 +0000 @@ -1303,8 +1303,6 @@ char tz1buf[TZBUFSIZE]; bool large_tz = TZBUFSIZE < tzsize; bool setenv_ok; - /* Free tz0, in case this is the 2nd or subsequent time through. */ - free (tz0); tz0 = get_tz (tz0buf); z = tz1 = large_tz ? xmalloc (tzsize) : tz1buf; for (s = tzbase; *s != '"'; s++) @@ -1316,7 +1314,12 @@ if (!setenv_ok) goto fail; tz_was_altered = true; + p = s + 1; + while (c = *p, c_isspace (c)) + p++; + + break; } }
--- a/tests/test-parse-datetime.c Wed Feb 26 23:58:18 2014 -0800 +++ b/tests/test-parse-datetime.c Tue Feb 25 10:58:48 2014 +0000 @@ -419,5 +419,21 @@ starting with a high-bit-set byte would be treated like "0". */ ASSERT ( ! parse_datetime (&result, "\xb0", &now)); + /* Exercise TZ="" parsing code. */ + /* These two would infloop or segfault before Feb 2014. */ + ASSERT ( ! parse_datetime (&result, "TZ=\"\"\"", &now)); + ASSERT ( ! parse_datetime (&result, "TZ=\"\" \"", &now)); + /* Exercise invalid patterns. */ + ASSERT ( ! parse_datetime (&result, "TZ=\"", &now)); + ASSERT ( ! parse_datetime (&result, "TZ=\"\\\"", &now)); + ASSERT ( ! parse_datetime (&result, "TZ=\"\\n", &now)); + ASSERT ( ! parse_datetime (&result, "TZ=\"\\n\"", &now)); + /* Exercise valid patterns. */ + ASSERT ( parse_datetime (&result, "TZ=\"\"", &now)); + ASSERT ( parse_datetime (&result, "TZ=\"\" ", &now)); + ASSERT ( parse_datetime (&result, " TZ=\"\"", &now)); + ASSERT ( parse_datetime (&result, "TZ=\"\\\\\"", &now)); + ASSERT ( parse_datetime (&result, "TZ=\"\\\"\"", &now)); + return 0; }