SoupCookieJar: catch overflows when parsing very distant dates

Our APIs use an int for max_age, which meant that when reading a
cookie file/db written by another program on a 64-bit architecture, a
very large max_age would overflow. Fix things up to avoid that. Since
we can't change the APIs to use a long for max_age, this means that we
will end up expiring the cookie "early" (eg, in 20 years rather than
50).

Based on a patch from Mark Starovoytov
https://bugzilla.gnome.org/show_bug.cgi?id=643462

1 files changed, 14 insertions, 2 deletions

diff --git a/libsoup/soup-date.c b/libsoup/soup-date.c
index 29366558..a8a32e9a 100644
--- a/libsoup/soup-date.c
+++ b/libsoup/soup-date.c
@@ -200,12 +200,24 @@ soup_date_new (int year, int month, int day,
  * current time (or before it, if @offset_seconds is negative). If
  * offset_seconds is 0, returns the current time.
  *
+ * If @offset_seconds would indicate a time not expressible as a
+ * #time_t, the return value will be clamped into range.
+ *
  * Return value: a new #SoupDate
  **/
 SoupDate *
 soup_date_new_from_now (int offset_seconds)
 {
-	return soup_date_new_from_time_t (time (NULL) + offset_seconds);
+	time_t now = time (NULL);
+	time_t then = now + offset_seconds;
+
+	if (sizeof (time_t) == 4) {
+		if (offset_seconds < 0 && then > now)
+			return soup_date_new_from_time_t (-G_MAXINT);
+		else if (offset_seconds > 0 && then < now)
+			return soup_date_new_from_time_t (G_MAXINT);
+	}
+	return soup_date_new_from_time_t (then);
 }
 
 static gboolean
@@ -757,7 +769,7 @@ soup_date_is_past (SoupDate *date)
 	g_return_val_if_fail (date != NULL, TRUE);
 
 	/* optimization */
-	if (date->year < 2008)
+	if (date->year < 2010)
 		return TRUE;
 
 	return soup_date_to_time_t (date) < time (NULL);