Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Reject an additional type of bad date in parse_http_time

Nick Mathewson 13 years ago
parent
d0d9c3d71e
commit
1abe533b33
2 changed files with 5 additions and 1 deletions
Split View Show Diff Stats
  1. 4 1
      src/common/util.c
  2. 1 0
      src/test/test_util.c

+ 4 - 1
src/common/util.c
View File 

@@ -1416,7 +1416,10 @@ parse_http_time(const char *date, struct tm *tm)
 
 
   /* First, try RFC1123 or RFC850 format: skip the weekday.  */
 
   if ((cp = strchr(date, ','))) {
 
-    cp += 2;
 
+    ++cp;
 
+    if (*cp != ' ')
 
+      return -1;
 
+    ++cp;
 
     if (tor_sscanf(cp, "%2u %3s %4u %2u:%2u:%2u GMT",
 
                &tm_mday, month, &tm_year,
 
                &tm_hour, &tm_min, &tm_sec) == 6) {

+ 1 - 0
src/test/test_util.c
View File 

@@ -101,6 +101,7 @@ test_util_parse_http_time(void *arg)
 
   test_eq(-1, parse_http_time("Sunday, 32-Aug-94 00:48:22 GMT", &a_time));
 
   test_eq(-1, parse_http_time("Sunday, 3-Ago-04 00:48:22", &a_time));
 
   test_eq(-1, parse_http_time("Sunday, August the third", &a_time));
 
+  test_eq(-1, parse_http_time("Wednesday,,04 Aug 1994 00:48:22 GMT", &a_time));
 
 
   test_eq(0, parse_http_time("Wednesday, 04 Aug 1994 00:48:22 GMT", &a_time));
 
   test_eq((time_t)775961302UL, tor_timegm(&a_time));