RFC 1123: Fix date parsing (#1538)
The bug was discovered and detailed by Joshua Rogers at
https://megamansec.github.io/Squid-Security-Audit/datetime-overflow.html
where it was filed as "1-Byte Buffer OverRead in RFC 1123 date/time
Handling".
rousskov authored and yadij committed Oct 27, 2023
1 parent 72a3bbd commit deee944
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions src/time/rfc1123.cc
Expand Up @@ -50,7 +50,13 @@ make_month(const char *s)
char month[3];

month[0] = xtoupper(*s);
if (!month[0])
return -1; // protects *(s + 1) below

month[1] = xtolower(*(s + 1));
if (!month[1])
return -1; // protects *(s + 2) below

month[2] = xtolower(*(s + 2));

for (i = 0; i < 12; i++)
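
Review bot: the two added guards in make_month() test the converted bytes (month[0], month[1]) rather than the input bytes, so the bounds check is only correct if xtoupper() and xtolower() map '\0' to '\0'. Testing the source directly before any conversion, for example `if (!s[0] || !s[1]) return -1;`, would make the check independent of the case helpers and keep the length validation in one place. month[2] is left unchecked, which matches the reads shown here since nothing past s + 2 is dereferenced in this hunk, but a one-line comment saying so would help the next reader. The commit changes only src/time/rfc1123.cc; a regression test that passes one- and two-character month strings to the date parser would pin the fix.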