calendarspec: fix possible integer overflow

Fixes oss-fuzz#14108. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14108
2019-04-08 00:37:31 +09:00 · 2019-04-08 00:37:31 +09:00 · daa4aca1cb
parent fb3ba5ec11
commit daa4aca1cb
2 changed files with 4 additions and 0 deletions
--- a/src/shared/calendarspec.c
+++ b/src/shared/calendarspec.c
@ -579,6 +579,9 @@ static int calendarspec_from_time_t(CalendarSpec *c, time_t time) {
        if (!gmtime_r(&time, &tm))
                return -ERANGE;

+        if (tm.tm_year > INT_MAX - 1900)
+                return -ERANGE;
+
        r = const_chain(tm.tm_year + 1900, &year);
        if (r < 0)
                return r;
--- a/test/fuzz/fuzz-calendarspec/oss-fuzz-14108
+++ b/test/fuzz/fuzz-calendarspec/oss-fuzz-14108
@ -0,0 +1 @@
+@67767992554749550