ruby-changes:30517
From: nobu <ko1@a...>
Date: Sat, 17 Aug 2013 22:20:58 +0900 (JST)
Subject: [ruby-changes:30517] nobu:r42596 (trunk): time.c: ignore invalid data
nobu 2013-08-17 22:20:50 +0900 (Sat, 17 Aug 2013) New Revision: 42596 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=42596 Log: time.c: ignore invalid data * time.c (time_mload): ignore invalid offset and zone. [ruby-core:56648] [Bug #8795] Modified files: trunk/ChangeLog trunk/test/ruby/test_time.rb trunk/time.c Index: time.c =================================================================== --- time.c (revision 42595) +++ time.c (revision 42596) @@ -754,7 +754,8 @@ static VALUE time_utc_offset _((VALUE)); https://github.com/ruby/ruby/blob/trunk/time.c#L754 static int obj2int(VALUE obj); static VALUE obj2vint(VALUE obj); static int month_arg(VALUE arg); -static void validate_utc_offset(VALUE utc_offset); +static VALUE validate_utc_offset(VALUE utc_offset); +static VALUE validate_zone_name(VALUE zone_name); static void validate_vtm(struct vtm *vtm); static int obj2subsecx(VALUE obj, VALUE *subsecx); @@ -2581,11 +2582,19 @@ month_arg(VALUE arg) https://github.com/ruby/ruby/blob/trunk/time.c#L2582 return mon; } -static void +static VALUE validate_utc_offset(VALUE utc_offset) { if (le(utc_offset, INT2FIX(-86400)) || ge(utc_offset, INT2FIX(86400))) rb_raise(rb_eArgError, "utc_offset out of range"); + return utc_offset; +} + +static VALUE +validate_zone_name(VALUE zone_name) +{ + StringValueCStr(zone_name); + return zone_name; } static void @@ -4702,8 +4711,9 @@ time_mload(VALUE time, VALUE str) https://github.com/ruby/ruby/blob/trunk/time.c#L4711 get_attr(nano_num, {}); get_attr(nano_den, {}); get_attr(submicro, {}); - get_attr(offset, validate_utc_offset(offset)); - get_attr(zone, {}); + get_attr(offset, (offset = rb_rescue(validate_utc_offset, offset, NULL, Qnil))); + get_attr(zone, (zone = rb_rescue(validate_zone_name, zone, NULL, Qnil))); + #undef get_attr rb_copy_generic_ivar(time, str); @@ -4789,7 +4799,7 @@ end_submicro: ; https://github.com/ruby/ruby/blob/trunk/time.c#L4799 time_fixoff(time); } if (!NIL_P(zone)) { - tobj->vtm.zone = StringValueCStr(zone); + tobj->vtm.zone = RSTRING_PTR(zone); } return time; Index: ChangeLog =================================================================== --- ChangeLog (revision 42595) +++ ChangeLog (revision 42596) @@ -1,3 +1,8 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Sat Aug 17 22:20:47 2013 Nobuyoshi Nakada <nobu@r...> + + * time.c (time_mload): ignore invalid offset and zone. + [ruby-core:56648] [Bug #8795] + Sat Aug 17 20:11:49 2013 Benoit Daloze <eregontp@g...> * process.c: [DOC] MACH_ABSOLUTE_TIME_CLOCK_MONOTONIC is an Index: test/ruby/test_time.rb =================================================================== --- test/ruby/test_time.rb (revision 42595) +++ test/ruby/test_time.rb (revision 42596) @@ -312,6 +312,43 @@ class TestTime < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_time.rb#L312 "[ruby-dev:44827] [Bug #5586]") end + def in_timezone(zone) + orig_zone = ENV['TZ'] + + ENV['TZ'] = 'UTC' + yield + ensure + ENV['TZ'] = orig_zone + end + + Bug8795 = '[ruby-core:56648] [Bug #8795]' + + def test_marshal_broken_offset + data = "\x04\bIu:\tTime\r\xEFF\x1C\x80\x00\x00\x00\x00\x06:\voffset" + t1 = t2 = nil + in_timezone('UTC') do + assert_nothing_raised(TypeError, ArgumentError, Bug8795) do + t1 = Marshal.load(data + "T") + t2 = Marshal.load(data + "\"\x0ebadoffset") + end + assert_equal(0, t1.utc_offset) + assert_equal(0, t2.utc_offset) + end + end + + def test_marshal_broken_zone + data = "\x04\bIu:\tTime\r\xEFF\x1C\x80\x00\x00\x00\x00\x06:\tzone" + t1 = t2 = nil + in_timezone('UTC') do + assert_nothing_raised(TypeError, ArgumentError, Bug8795) do + t1 = Marshal.load(data + "T") + t2 = Marshal.load(data + "\"\b\0\0\0") + end + assert_equal('UTC', t1.zone) + assert_equal('UTC', t2.zone) + end + end + def test_at3 t2000 = get_t2000 assert_equal(t2000, Time.at(t2000)) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/