After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 782089 - gdatetime: Fix overflow checks when constructing from timestamps
gdatetime: Fix overflow checks when constructing from timestamps
Status: RESOLVED FIXED
Product: glib
Classification: Platform
Component: general
unspecified
Other All
: Normal normal
: ---
Assigned To: gtkdev
gtkdev
Depends on:
Blocks:
 
 
Reported: 2017-05-02 22:37 UTC by Philip Withnall
Modified: 2017-06-15 22:00 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
gdatetime: Fix overflow checks when constructing from timestamps (5.27 KB, patch)
2017-05-02 22:37 UTC, Philip Withnall
committed Details | Review

Description Philip Withnall 2017-05-02 22:37:00 UTC
Slightly non-trivial patch attached.
Comment 1 Philip Withnall 2017-05-02 22:37:04 UTC
Created attachment 350907 [details] [review]
gdatetime: Fix overflow checks when constructing from timestamps

GDateTime does overflow checks to see if the timestamp being passed in
is too big to be represented. However, it only does those after
converting from a timestamp to an interval, which involves some
multiplications and additions — and hence can overflow, and cause the
later bounds check to erroneously succeed. This results in a non-NULL
GDateTime being returned which represents completely the wrong date.

Fix the overflow checks (do them earlier) and add some unit tests.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
Comment 2 Emmanuele Bassi (:ebassi) 2017-05-04 16:02:43 UTC
Review of attachment 350907 [details] [review]:

Looks generally good to me.

::: glib/gdatetime.c
@@ +653,3 @@
                               const GTimeVal *tv)
 {
+  if (tv->tv_sec > G_MAXINT64 - 1 ||

What happens if tv_sec is a 32 bit type? Do we care?

::: glib/tests/gdatetime.c
@@ +147,3 @@
+{
+  GDateTime *dt;
+

Would be nice to a reference to the bug, here.
Comment 3 Philip Withnall 2017-05-05 09:52:17 UTC
Review of attachment 350907 [details] [review]:

::: glib/gdatetime.c
@@ +653,3 @@
                               const GTimeVal *tv)
 {
+  if (tv->tv_sec > G_MAXINT64 - 1 ||

Whoops, yes, we care. I’ll add some casts to fix this.

::: glib/tests/gdatetime.c
@@ +147,3 @@
+{
+  GDateTime *dt;
+

Good point. Added.
Comment 4 Philip Withnall 2017-05-05 09:56:22 UTC
t branch -d 782089	
Pushed with the requested changes. Thanks for the review!

Attachment 350907 [details] pushed as 9374ecc - gdatetime: Fix overflow checks when constructing from timestamps
Comment 5 Iain Lane 2017-06-15 22:00:48 UTC
See https://bugzilla.gnome.org/show_bug.cgi?id=783841 - these new tests fail for 32 bit systems.