From dde3eb8170932338a806f6a344083c8469204c62 Mon Sep 17 00:00:00 2001 From: joe Date: Fri, 12 Oct 2018 09:46:51 +0000 Subject: * src/ne_dates.c (ne_asctime_parse, ne_rfc1123_parse): Fail for sscanf failure. git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@2033 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845 --- src/ne_dates.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/src/ne_dates.c b/src/ne_dates.c index b621e7a..8a58a20 100644 --- a/src/ne_dates.c +++ b/src/ne_dates.c @@ -171,11 +171,12 @@ time_t ne_rfc1123_parse(const char *date) int n; time_t result; -/* it goes: Sun, 06 Nov 1994 08:49:37 GMT */ - n = sscanf(date, RFC1123_FORMAT, - wkday, &gmt.tm_mday, mon, &gmt.tm_year, &gmt.tm_hour, - &gmt.tm_min, &gmt.tm_sec); - /* Is it portable to check n==7 here? */ + /* it goes: Sun, 06 Nov 1994 08:49:37 GMT */ + if (sscanf(date, RFC1123_FORMAT, + wkday, &gmt.tm_mday, mon, &gmt.tm_year, &gmt.tm_hour, + &gmt.tm_min, &gmt.tm_sec) != 7) + return (time_t) -1; + gmt.tm_year -= 1900; for (n=0; n<12; n++) if (strcmp(mon, short_months[n]) == 0) @@ -204,7 +205,6 @@ time_t ne_rfc1036_parse(const char *date) return (time_t)-1; } - /* portable to check n here? */ for (n=0; n<12; n++) if (strcmp(mon, short_months[n]) == 0) break; @@ -232,11 +232,12 @@ time_t ne_asctime_parse(const char *date) char wkday[4], mon[4]; time_t result; - n = sscanf(date, ASCTIME_FORMAT, - wkday, mon, &gmt.tm_mday, - &gmt.tm_hour, &gmt.tm_min, &gmt.tm_sec, - &gmt.tm_year); - /* portable to check n here? */ + if (sscanf(date, ASCTIME_FORMAT, + wkday, mon, &gmt.tm_mday, + &gmt.tm_hour, &gmt.tm_min, &gmt.tm_sec, + &gmt.tm_year) != 7) + return (time_t)-1; + for (n=0; n<12; n++) if (strcmp(mon, short_months[n]) == 0) break; -- cgit v1.2.1