github-repos/wget
1
0
Fork 0
mirror of https://github.com/mirror/wget.git synced 2024-12-29 14:30:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

* src/ftp-ls.c (ftp_parse_unix_ls): Fix integer overflow in date parsing

Browse Source
This commit is contained in:
Tim Rühsen 2018-04-24 10:55:29 +02:00
parent b0f802c46c
commit d8365b0607
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/ftp-ls.c
View File

@ -242,24 +242,25 @@ ftp_parse_unix_ls (FILE *fp, int ignore_perms)
/* We must deal with digits. */
if (c_isdigit (*tok))
{
/* Suppose it's year. */
for (; c_isdigit (*tok); tok++)
/* Suppose it's year. Limit to year 99999 to avoid integer overflow. */
for (; c_isdigit (*tok) && year <= 99999; tok++)
year = (*tok - '0') + 10 * year;
if (*tok == ':')
{
int n;
/* This means these were hours! */
hour = year;
year = 0;
ptype = TT_HOUR_MIN;
++tok;
/* Get the minutes... */
for (; c_isdigit (*tok); tok++)
for (n = 0; c_isdigit (*tok) && n < 2; tok++, n++)
min = (*tok - '0') + 10 * min;
if (*tok == ':')
{
/* ...and the seconds. */
++tok;
for (; c_isdigit (*tok); tok++)
for (n = 0; c_isdigit (*tok) && n < 2; tok++, n++)
sec = (*tok - '0') + 10 * sec;
}
}