apr-dev mailing list archives

From Philip Martin <phi...@codematters.co.uk>
Subject Re: Date limit in apr_time_exp_get
Date Tue, 23 Mar 2004 16:42:46 GMT
"Roy T. Fielding" <fielding@gbiv.com> writes:

>> Is the function supposed to validate its input?  If the user supplies
>> a large, positive or negative, value for xt->tm_year then the
>> calculation may overflow.  If the user supplies an xt->tm_mon outside
>> the range 0-11 the function will read arbitrary memory.
> How is the "user" going to do that?  Do you mean the API caller?

Yes, I meant the API caller.

> They could just as easily read arbitrary memory on their own.

I was concerned about the potential for the read to cause a SEGV.

> AFAIK, none of the APR routines do input validation, though it
> might be good if they provided a single call to validate the
> tm structure.

Should all the checks that return APR_EBADDATE be removed if the
function is supposed to assume valid input?  It doesn't seem useful
for the function to trap only a subset of the invalid inputs, and to
do it only after an operation that could SEGV.

Philip Martin
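
The single validation call suggested in the quoted reply, run before the month-table read and the year arithmetic discussed in this message, as an added example that is not part of the original message or of APR's code. The `struct exp_time`, both function names, the `EXP_*` codes and the accepted year window are assumptions made for the illustration.

```c
#include <stdint.h>

#define EXP_OK      0
#define EXP_BADDATE 1   /* stand-in for the APR_EBADDATE status named in the thread */

/* Hypothetical exploded-time struct; tm_year and tm_mon are the fields
 * discussed in the thread, the others are assumed for the example. */
struct exp_time {
    int32_t tm_sec, tm_min, tm_hour;  /* 0-59, 0-59, 0-23 */
    int32_t tm_mday;                  /* 1-31 */
    int32_t tm_mon;                   /* 0-11 */
    int32_t tm_year;                  /* years since 1900 */
};

static int is_leap(int64_t y) { return (y % 4 == 0 && y % 100 != 0) || y % 400 == 0; }

/* Reject every out-of-range field before any field is used as an index
 * or fed into arithmetic. The year window is a policy bound assumed here. */
int exp_time_validate(const struct exp_time *xt)
{
    static const int mdays[12] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    if (xt == 0) return EXP_BADDATE;
    if (xt->tm_year < -1899 || xt->tm_year > 8099) return EXP_BADDATE; /* years 1..9999 */
    if (xt->tm_mon < 0 || xt->tm_mon > 11) return EXP_BADDATE;        /* guards table reads */
    int dim = mdays[xt->tm_mon] + (xt->tm_mon == 1 && is_leap(1900 + (int64_t)xt->tm_year));
    if (xt->tm_mday < 1 || xt->tm_mday > dim) return EXP_BADDATE;
    if (xt->tm_hour < 0 || xt->tm_hour > 23) return EXP_BADDATE;
    if (xt->tm_min < 0 || xt->tm_min > 59) return EXP_BADDATE;
    if (xt->tm_sec < 0 || xt->tm_sec > 59) return EXP_BADDATE;
    return EXP_OK;
}

/* Seconds since 1970-01-01 00:00:00 UTC; *out is written only on success. */
int exp_time_to_seconds(const struct exp_time *xt, int64_t *out)
{
    static const int before[12] = {0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334};
    if (exp_time_validate(xt) != EXP_OK) return EXP_BADDATE;
    int64_t y = 1900 + (int64_t)xt->tm_year, p = y - 1;   /* p: full years elapsed */
    int64_t days = 365 * p + p / 4 - p / 100 + p / 400    /* days before 1 Jan of y */
                 + before[xt->tm_mon] + (xt->tm_mon > 1 && is_leap(y))
                 + (xt->tm_mday - 1) - 719162;            /* 719162 = days to 1970-01-01 */
    *out = ((days * 24 + xt->tm_hour) * 60 + xt->tm_min) * 60 + xt->tm_sec;
    return EXP_OK;
}
```

Because the range checks run first, a bad `tm_mon` never reaches either table and a bad `tm_year` never reaches the multiplication, so the error return is produced before any operation that could fault or overflow.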
