From a3a2aebe90adde7dfe434be49292eec887634991 Mon Sep 17 00:00:00 2001 From: Emanuele Torre Date: Fri, 15 Mar 2024 01:56:05 +0100 Subject: [PATCH] strftime/1: fix validation of non-string argument with number input There was a incorrect else, that caused jq to not ensure that the argument to strftime/1 is a string; this ends up calling jv_string_value on a non-string value, which does not work, and causes an assert failure. In this commit, I also remove some unnecessary else. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67403 --- src/builtin.c | 6 +++--- tests/jq.test | 5 +++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/builtin.c b/src/builtin.c index 393fac0ded..fef340ef91 100644 --- a/src/builtin.c +++ b/src/builtin.c @@ -1597,11 +1597,11 @@ static jv f_strftime(jq_state *jq, jv a, jv b) { jv_free(b); return a; } - } else if (jv_get_kind(a) != JV_KIND_ARRAY) { + } + if (jv_get_kind(a) != JV_KIND_ARRAY) return ret_error2(a, b, jv_string("strftime/1 requires parsed datetime inputs")); - } else if (jv_get_kind(b) != JV_KIND_STRING) { + if (jv_get_kind(b) != JV_KIND_STRING) return ret_error2(a, b, jv_string("strftime/1 requires a string format")); - } struct tm tm; if (!jv2tm(a, &tm)) return ret_error(b, jv_string("strftime/1 requires parsed datetime inputs")); diff --git a/tests/jq.test b/tests/jq.test index 60715f693a..e90edfa1a0 100644 --- a/tests/jq.test +++ b/tests/jq.test @@ -1580,6 +1580,11 @@ try mktime catch . ["a",1,2,3,4,5,6,7] "mktime requires parsed datetime inputs" +# oss-fuzz #67403: non-string argument with number input fails assert +try ["OK", strftime([])] catch ["KO", .] +0 +["KO","strftime/1 requires parsed datetime inputs"] + # module system import "a" as foo; import "b" as bar; def fooa: foo::a; [fooa, bar::a, bar::b, foo::a] null