Mercurial > hg > nginx
comparison src/core/ngx_parse_time.c @ 7067:e3723f2a11b7
Parenthesized ASCII-related calculations.
This also fixes potential undefined behaviour in the range and slice filter
modules, caused by local overflows of signed integers in expressions.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Mon, 17 Jul 2017 17:23:51 +0300 |
parents | 2cd019520210 |
children | b38a8f0ca4a2 |
comparison
equal
deleted
inserted
replaced
7066:a27e0c7e198c | 7067:e3723f2a11b7 |
---|---|
56 if (fmt != isoc) { | 56 if (fmt != isoc) { |
57 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { | 57 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { |
58 return NGX_ERROR; | 58 return NGX_ERROR; |
59 } | 59 } |
60 | 60 |
61 day = (*p - '0') * 10 + *(p + 1) - '0'; | 61 day = (*p - '0') * 10 + (*(p + 1) - '0'); |
62 p += 2; | 62 p += 2; |
63 | 63 |
64 if (*p == ' ') { | 64 if (*p == ' ') { |
65 if (end - p < 18) { | 65 if (end - p < 18) { |
66 return NGX_ERROR; | 66 return NGX_ERROR; |
130 { | 130 { |
131 return NGX_ERROR; | 131 return NGX_ERROR; |
132 } | 132 } |
133 | 133 |
134 year = (*p - '0') * 1000 + (*(p + 1) - '0') * 100 | 134 year = (*p - '0') * 1000 + (*(p + 1) - '0') * 100 |
135 + (*(p + 2) - '0') * 10 + *(p + 3) - '0'; | 135 + (*(p + 2) - '0') * 10 + (*(p + 3) - '0'); |
136 p += 4; | 136 p += 4; |
137 | 137 |
138 } else if (fmt == rfc850) { | 138 } else if (fmt == rfc850) { |
139 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { | 139 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { |
140 return NGX_ERROR; | 140 return NGX_ERROR; |
141 } | 141 } |
142 | 142 |
143 year = (*p - '0') * 10 + *(p + 1) - '0'; | 143 year = (*p - '0') * 10 + (*(p + 1) - '0'); |
144 year += (year < 70) ? 2000 : 1900; | 144 year += (year < 70) ? 2000 : 1900; |
145 p += 2; | 145 p += 2; |
146 } | 146 } |
147 | 147 |
148 if (fmt == isoc) { | 148 if (fmt == isoc) { |
159 if (*p != ' ') { | 159 if (*p != ' ') { |
160 if (*p < '0' || *p > '9') { | 160 if (*p < '0' || *p > '9') { |
161 return NGX_ERROR; | 161 return NGX_ERROR; |
162 } | 162 } |
163 | 163 |
164 day = day * 10 + *p++ - '0'; | 164 day = day * 10 + (*p++ - '0'); |
165 } | 165 } |
166 | 166 |
167 if (end - p < 14) { | 167 if (end - p < 14) { |
168 return NGX_ERROR; | 168 return NGX_ERROR; |
169 } | 169 } |
175 | 175 |
176 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { | 176 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { |
177 return NGX_ERROR; | 177 return NGX_ERROR; |
178 } | 178 } |
179 | 179 |
180 hour = (*p - '0') * 10 + *(p + 1) - '0'; | 180 hour = (*p - '0') * 10 + (*(p + 1) - '0'); |
181 p += 2; | 181 p += 2; |
182 | 182 |
183 if (*p++ != ':') { | 183 if (*p++ != ':') { |
184 return NGX_ERROR; | 184 return NGX_ERROR; |
185 } | 185 } |
186 | 186 |
187 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { | 187 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { |
188 return NGX_ERROR; | 188 return NGX_ERROR; |
189 } | 189 } |
190 | 190 |
191 min = (*p - '0') * 10 + *(p + 1) - '0'; | 191 min = (*p - '0') * 10 + (*(p + 1) - '0'); |
192 p += 2; | 192 p += 2; |
193 | 193 |
194 if (*p++ != ':') { | 194 if (*p++ != ':') { |
195 return NGX_ERROR; | 195 return NGX_ERROR; |
196 } | 196 } |
197 | 197 |
198 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { | 198 if (*p < '0' || *p > '9' || *(p + 1) < '0' || *(p + 1) > '9') { |
199 return NGX_ERROR; | 199 return NGX_ERROR; |
200 } | 200 } |
201 | 201 |
202 sec = (*p - '0') * 10 + *(p + 1) - '0'; | 202 sec = (*p - '0') * 10 + (*(p + 1) - '0'); |
203 | 203 |
204 if (fmt == isoc) { | 204 if (fmt == isoc) { |
205 p += 2; | 205 p += 2; |
206 | 206 |
207 if (*p++ != ' ') { | 207 if (*p++ != ' ') { |
214 { | 214 { |
215 return NGX_ERROR; | 215 return NGX_ERROR; |
216 } | 216 } |
217 | 217 |
218 year = (*p - '0') * 1000 + (*(p + 1) - '0') * 100 | 218 year = (*p - '0') * 1000 + (*(p + 1) - '0') * 100 |
219 + (*(p + 2) - '0') * 10 + *(p + 3) - '0'; | 219 + (*(p + 2) - '0') * 10 + (*(p + 3) - '0'); |
220 } | 220 } |
221 | 221 |
222 if (hour > 23 || min > 59 || sec > 59) { | 222 if (hour > 23 || min > 59 || sec > 59) { |
223 return NGX_ERROR; | 223 return NGX_ERROR; |
224 } | 224 } |