From da652e1827a47c8ee37fab72832ba8324c94911f Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Sat, 26 Jun 2021 01:48:01 +0900
Subject: Check month overflow when marshal

https://hackerone.com/reports/1244185
---
 test/ruby/test_time.rb | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'test/ruby')

diff --git a/test/ruby/test_time.rb b/test/ruby/test_time.rb
index c629a59c02..b3dc5d99e3 100644
--- a/test/ruby/test_time.rb
+++ b/test/ruby/test_time.rb
@@ -386,6 +386,11 @@ class TestTime < Test::Unit::TestCase
     end
   end
 
+  def test_marshal_broken_month
+    data = "\x04\x08u:\tTime\r\x20\x7c\x1e\xc0\x00\x00\x00\x00"
+    assert_equal(Time.utc(2022, 4, 1), Marshal.load(data))
+  end
+
   def test_marshal_distant_past
     assert_marshal_roundtrip(Time.utc(1890, 1, 1))
     assert_marshal_roundtrip(Time.utc(-4.5e9, 1, 1))
-- 
cgit v1.2.3