Fuzz failed round trip #407

Closed
manunio opened this issue May 9, 2024 · 6 comments

manunio commented May 9, 2024

Hi, I received an oss-fuzz report with the following error message:

```
panic: failed round trip: toml: line 1 (last key "g"): invalid datetime: "2413-01-02T17:04:07+100:05"
```

The above panic was caused by fuzz target with the following input:

```
g=2413-01-02 17:04:07+99:65
```

at:

```go
panic(fmt.Sprintf("failed round trip: %s", err))
```

originated here by second Decode, toml/parse.go, line 376 in 3203540:

```go
t, err = time.ParseInLocation(dt.fmt, it.val, dt.zone)
```

Can this be similar to go-toml's:
pelletier/go-toml#913

Input file:
clusterfuzz-testcase-minimized-fuzz_toml-5085441777795072.txt

@manunio manunio changed the title fuzz failed round trip Fuzz failed round trip May 12, 2024

manunio commented May 13, 2024

Steps to Reproduce

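```go
package toml

import (
	"bytes"
	"fmt"
	"testing"
)

// FuzzRound decodes the input, re-encodes the decoded value and decodes the
// result again. A document that decodes once must survive the round trip.
func FuzzRound(f *testing.F) {
	// Seed taken from the oss-fuzz report.
	f.Add([]byte("g=2413-01-02 17:04:07+99:65"))
	f.Fuzz(func(t *testing.T, data []byte) {
		t.Log("INITIAL DOCUMENT ===========================")
		t.Log(string(data))

		// Inputs the decoder rejects are not interesting for this target.
		var v any
		_, err := Decode(string(data), &v)
		if err != nil {
			return
		}

		t.Log("DECODED VALUE ===========================")
		t.Logf("%#+v", v)

		buf := new(bytes.Buffer)
		err = NewEncoder(buf).Encode(v)
		if err != nil {
			panic(fmt.Sprintf("failed to encode decoded document: %s", err))
		}

		t.Log("ENCODED DOCUMENT ===========================")
		t.Log(buf.String())

		// The encoder's own output must decode again.
		var v2 any
		_, err = Decode(buf.String(), &v2)
		if err != nil {
			panic(fmt.Sprintf("failed round trip: %s", err))
		}
	})
}
```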

```
go test -run ^FuzzRound$ github.com/BurntSushi/toml
--- FAIL: FuzzRound (0.00s)
    --- FAIL: FuzzRound/seed#0 (0.00s)
        fuzz_test.go:85: INITIAL DOCUMENT ===========================
        fuzz_test.go:86: g=2413-01-02 17:04:07+99:65
        fuzz_test.go:94: DECODED VALUE ===========================
        fuzz_test.go:95: map[string]interface {}{"g":time.Date(2413, time.January, 2, 17, 4, 7, 0, time.Location(""))}
        fuzz_test.go:103: ENCODED DOCUMENT ===========================
        fuzz_test.go:104: g = 2413-01-02T17:04:07+100:05

panic: failed round trip: toml: line 1 (last key "g"): invalid datetime: "2413-01-02T17:04:07+100:05" [recovered]
        panic: failed round trip: toml: line 1 (last key "g"): invalid datetime: "2413-01-02T17:04:07+100:05"
```


arp242 commented May 17, 2024

It's kind of a bug in Go; let's see what comes rolling out of the bug report before I hack workarounds: golang/go#67470


manunio commented May 20, 2024

> It's kind of a bug in Go; let's see what comes rolling out of the bug report before I hack workarounds: golang/go#67470

Hi, looks like a fix is in place: https://go.dev/cl/586717

arp242 added a commit to toml-lang/toml-test that referenced this issue May 23, 2024

arp242 commented May 23, 2024

Yes, should be fixed in Go 1.23, to be released in August.

This is such a far-out edge case I don't think it's worth doing anything more for this than adding a testcase and waiting until Go 1.23, as no one is writing offsets like "+99:65".

@arp242 arp242 closed this as completed May 23, 2024

manunio commented May 23, 2024

> Yes, should be fixed in Go 1.23, to be released in August.

Yes, it has been fixed and moved to the 1.23 milestone.

> This is such a far-out edge case I don't think it's worth doing anything more for this than adding a testcase and waiting until Go 1.23, as no one is writing offsets like "+99:65".

You're right, but I'll have to temporarily exempt it from the roundtrip error until 1.23 lands (to close this bug report which I received), as this may block fuzzers from finding more edge cases.


arp242 commented May 23, 2024

Yeah, that's fine. I don't expect I'll do another release before Go 1.23 anyway.
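
An added example, not part of the thread and not code from BurntSushi/toml: a Go version-independent range check that a fuzz harness or a caller could apply to datetime values, next to a model of why `+99:65` came back as `+100:05`. The names `split`, `CheckOffset` and `Reencode` are hypothetical, and `Reencode` only models the seconds-based offset arithmetic; it does not call the library.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

// offsetRe matches a trailing numeric offset, malformed ones included.
var offsetRe = regexp.MustCompile(`([+-])(\d+):(\d+)$`)

// split returns the text before the offset, its sign, hour digits and minute
// digits; ok is false for "Z" and for local (offset-less) values.
func split(dt string) (prefix, sign, hh, mm string, ok bool) {
	g := offsetRe.FindStringSubmatch(dt)
	if g == nil {
		return dt, "", "", "", false
	}
	return dt[:len(dt)-len(g[0])], g[1], g[2], g[3], true
}

// CheckOffset enforces the RFC 3339 range: hours 00-23, minutes 00-59.
func CheckOffset(dt string) error {
	_, _, hh, mm, ok := split(dt)
	if ok && (len(hh) != 2 || len(mm) != 2 || hh > "23" || mm > "59") {
		return fmt.Errorf("offset out of range in %q", dt)
	}
	return nil
}

// Reencode models a lenient decode plus encode (an assumption, not library
// code): the offset becomes total seconds, so minutes past 59 carry over.
func Reencode(dt string) string {
	prefix, sign, hh, mm, ok := split(dt)
	if !ok || len(hh) != 2 || len(mm) != 2 {
		return dt
	}
	h, _ := strconv.Atoi(hh)
	m, _ := strconv.Atoi(mm)
	total := h*3600 + m*60
	return fmt.Sprintf("%s%s%02d:%02d", prefix, sign, total/3600, total%3600/60)
}

func main() {
	// First value is the input from the report; the second is constructed.
	for _, dt := range []string{"2413-01-02 17:04:07+99:65", "2413-01-02T17:04:07+05:30"} {
		fmt.Printf("%s -> %s (check: %v)\n", dt, Reencode(dt), CheckOffset(dt))
	}
}
```

Calling `CheckOffset` on the datetime values before the first `Decode` lets a harness skip this class of input without muting other round-trip failures.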
