diff options
author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-06-26 01:48:01 +0900 |
---|---|---|
committer | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-12-09 21:51:39 +0900 |
commit | da652e1827a47c8ee37fab72832ba8324c94911f (patch) | |
tree | 0fcb107e35a26a3ef65f175052506c474930c510 /time.c | |
parent | 12a0a89e22fbc312e4a95a7749bc153532daa855 (diff) |
Check month overflow when marshal
https://hackerone.com/reports/1244185
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/5238
Diffstat (limited to 'time.c')
-rw-r--r-- | time.c | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -5251,8 +5251,13 @@ time_mload(VALUE time, VALUE str) year = rb_int_plus(year, year_extend); } } + unsigned int mon = ((int)(p >> 10) & 0xf); /* 0...12 */ + if (mon >= 12) { + mon -= 12; + year = addv(year, LONG2FIX(1)); + } vtm.year = year; - vtm.mon = ((int)(p >> 10) & 0xf) + 1; + vtm.mon = mon + 1; vtm.mday = (int)(p >> 5) & 0x1f; vtm.hour = (int) p & 0x1f; vtm.min = (int)(s >> 26) & 0x3f; |