diff options
| author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2022-09-27 22:46:06 +0900 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2022-09-28 21:07:00 +0900 |
| commit | d12fce7af3af27096b336f43700fffd51158e928 (patch) | |
| tree | ab9ccfd61bb949e4457f5c69b3aa18289be269ec /ext/date/date_parse.c | |
| parent | cd77e71bbac9616a906f6823a8eba4922821e9ad (diff) | |
[ruby/date] Check time zone offset elements
Too big parts of fractional hour time zone offset can cause assertion
failures.
https://github.com/ruby/date/commit/06bcfb2729
Diffstat (limited to 'ext/date/date_parse.c')
| -rw-r--r-- | ext/date/date_parse.c | 47 |
1 files changed, 36 insertions, 11 deletions
diff --git a/ext/date/date_parse.c b/ext/date/date_parse.c index 95274d5baa..4890401894 100644 --- a/ext/date/date_parse.c +++ b/ext/date/date_parse.c @@ -473,27 +473,53 @@ date_zone_to_diff(VALUE str) s++; l--; +#define out_of_range(v, min, max) ((v) < (min) || (max) < (v)) hour = STRTOUL(s, &p, 10); if (*p == ':') { + if (out_of_range(sec, 0, 59)) return Qnil; s = ++p; min = STRTOUL(s, &p, 10); + if (out_of_range(min, 0, 59)) return Qnil; if (*p == ':') { s = ++p; sec = STRTOUL(s, &p, 10); + if (out_of_range(hour, 0, 23)) return Qnil; } - goto num; } - if (*p == ',' || *p == '.') { - char *e = 0; - p++; - min = STRTOUL(p, &e, 10) * 3600; + else if (*p == ',' || *p == '.') { + /* fractional hour */ + size_t n; + int ov; + /* no over precision for offset; 10**-7 hour = 0.36 + * milliseconds should be enough. */ + const size_t max_digits = 7; /* 36 * 10**7 < 32-bit FIXNUM_MAX */ + + if (out_of_range(hour, 0, 23)) return Qnil; + + n = (s + l) - ++p; + if (n > max_digits) n = max_digits; + sec = ruby_scan_digits(p, n, 10, &n, &ov); + if ((p += n) < s + l && *p >= ('5' + !(sec & 1)) && *p <= '9') { + /* round half to even */ + sec++; + } + sec *= 36; if (sign) { hour = -hour; - min = -min; + sec = -sec; + } + if (n <= 2) { + /* HH.nn or HH.n */ + if (n == 1) sec *= 10; + offset = INT2FIX(sec + hour * 3600); + } + else { + VALUE denom = rb_int_positive_pow(10, (int)(n - 2)); + offset = f_add(rb_rational_new(INT2FIX(sec), denom), INT2FIX(hour * 3600)); + if (rb_rational_den(offset) == INT2FIX(1)) { + offset = rb_rational_num(offset); + } } - offset = rb_rational_new(INT2FIX(min), - rb_int_positive_pow(10, (int)(e - p))); - offset = f_add(INT2FIX(hour * 3600), offset); goto ok; } else if (l > 2) { @@ -506,12 +532,11 @@ date_zone_to_diff(VALUE str) min = ruby_scan_digits(&s[2 - l % 2], 2, 10, &n, &ov); if (l >= 5) sec = ruby_scan_digits(&s[4 - l % 2], 2, 10, &n, &ov); - goto num; } - num: sec += min * 60 + hour * 3600; if (sign) sec = -sec; offset = INT2FIX(sec); +#undef out_of_range } } } |