kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

Check month overflow when marshal

Browse source 
https://hackerone.com/reports/1244185
This commit is contained in:
Nobuyoshi Nakada 2021-06-26 01:48:01 +09:00
parent 12a0a89e22
commit da652e1827
No known key found for this signature in database
GPG key ID: 7CD2805BFA3770C6
Notes: git 2021-12-10 00:33:56 +09:00 
Merged: https://github.com/ruby/ruby/pull/5238
2 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
test/ruby/test_time.rb
View file

@ -386,6 +386,11 @@ class TestTime < Test::Unit::TestCase
end
end
def test_marshal_broken_month
data = "\x04\x08u:\tTime\r\x20\x7c\x1e\xc0\x00\x00\x00\x00"
assert_equal(Time.utc(2022, 4, 1), Marshal.load(data))
end
def test_marshal_distant_past
assert_marshal_roundtrip(Time.utc(1890, 1, 1))
assert_marshal_roundtrip(Time.utc(-4.5e9, 1, 1))

7
time.c
View file

@ -5251,8 +5251,13 @@ time_mload(VALUE time, VALUE str)
year = rb_int_plus(year, year_extend);
}
}
unsigned int mon = ((int)(p >> 10) & 0xf); /* 0...12 */
if (mon >= 12) {
mon -= 12;
year = addv(year, LONG2FIX(1));
}
vtm.year = year;
vtm.mon = ((int)(p >> 10) & 0xf) + 1;
vtm.mon = mon + 1;
vtm.mday = (int)(p >> 5) & 0x1f;
vtm.hour = (int) p & 0x1f;
vtm.min = (int)(s >> 26) & 0x3f;