summaryrefslogtreecommitdiff
path: root/ext/xmlrpc/libxmlrpc/xmlrpc.c
diff options
context:
space:
mode:
authorIlia Alshanetsky <iliaa@php.net>2007-09-18 19:52:27 +0000
committerIlia Alshanetsky <iliaa@php.net>2007-09-18 19:52:27 +0000
commitc701d46a4b1f883af0ea788d495b98613dd1c302 (patch)
treeec349d0a19f648f52e9f06a022afa7c9dd1a1203 /ext/xmlrpc/libxmlrpc/xmlrpc.c
parent99dac437ea47875cb8a46fd0702b9e04dd29bf18 (diff)
downloadphp-git-c701d46a4b1f883af0ea788d495b98613dd1c302.tar.gz
MFB: Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime
values).
Diffstat (limited to 'ext/xmlrpc/libxmlrpc/xmlrpc.c')
-rw-r--r--ext/xmlrpc/libxmlrpc/xmlrpc.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/ext/xmlrpc/libxmlrpc/xmlrpc.c b/ext/xmlrpc/libxmlrpc/xmlrpc.c
index 3c192d93f6..cf1f0a5167 100644
--- a/ext/xmlrpc/libxmlrpc/xmlrpc.c
+++ b/ext/xmlrpc/libxmlrpc/xmlrpc.c
@@ -43,6 +43,9 @@ static const char rcsid[] = "#(@) $Id$";
* 9/1999 - 10/2000
* HISTORY
* $Log$
+ * Revision 1.11 2007/06/07 09:07:12 tony2001
+ * php_localtime_r() checks
+ *
* Revision 1.10 2007/01/01 09:29:33 sebastian
* Bump year.
*
@@ -176,7 +179,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
}
p++;
}
- text = buf;
+ text = buf;
}
@@ -186,15 +189,19 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
return -1;
}
+#define XMLRPC_IS_NUMBER(x) if (x < '0' || x > '9') return -1;
+
n = 1000;
tm.tm_year = 0;
for(i = 0; i < 4; i++) {
+ XMLRPC_IS_NUMBER(text[i])
tm.tm_year += (text[i]-'0')*n;
n /= 10;
}
n = 10;
tm.tm_mon = 0;
for(i = 0; i < 2; i++) {
+ XMLRPC_IS_NUMBER(text[i])
tm.tm_mon += (text[i+4]-'0')*n;
n /= 10;
}
@@ -203,6 +210,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
n = 10;
tm.tm_mday = 0;
for(i = 0; i < 2; i++) {
+ XMLRPC_IS_NUMBER(text[i])
tm.tm_mday += (text[i+6]-'0')*n;
n /= 10;
}
@@ -210,6 +218,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
n = 10;
tm.tm_hour = 0;
for(i = 0; i < 2; i++) {
+ XMLRPC_IS_NUMBER(text[i])
tm.tm_hour += (text[i+9]-'0')*n;
n /= 10;
}
@@ -217,6 +226,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
n = 10;
tm.tm_min = 0;
for(i = 0; i < 2; i++) {
+ XMLRPC_IS_NUMBER(text[i])
tm.tm_min += (text[i+12]-'0')*n;
n /= 10;
}
@@ -224,6 +234,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
n = 10;
tm.tm_sec = 0;
for(i = 0; i < 2; i++) {
+ XMLRPC_IS_NUMBER(text[i])
tm.tm_sec += (text[i+15]-'0')*n;
n /= 10;
}
View Lorry Controller Status