Commit dd96d13

Add range checks to time_recv() and timetz_recv(), to prevent binary input
of time values that would not be accepted via textual input. Per gripe from Andrew McNamara. This is potentially a back-patchable bug fix, but for the moment it doesn't seem sufficiently high impact to justify doing that.
1 parent c3707a4 commit dd96d13

1 file changed, +29 -1 lines changed

src/backend/utils/adt/date.c

Lines changed: 29 additions & 1 deletion
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/utils/adt/date.c,v 1.144 2009/01/01 17:23:49 momjian Exp $
11+
* $PostgreSQL: pgsql/src/backend/utils/adt/date.c,v 1.145 2009/05/26 01:29:09 tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -1088,8 +1088,18 @@ time_recv(PG_FUNCTION_ARGS)
10881088

10891089
#ifdef HAVE_INT64_TIMESTAMP
10901090
result = pq_getmsgint64(buf);
1091+
1092+
if (result < INT64CONST(0) || result > USECS_PER_DAY)
1093+
ereport(ERROR,
1094+
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
1095+
errmsg("time out of range")));
10911096
#else
10921097
result = pq_getmsgfloat8(buf);
1098+
1099+
if (result < 0 || result > (double) SECS_PER_DAY)
1100+
ereport(ERROR,
1101+
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
1102+
errmsg("time out of range")));
10931103
#endif
10941104

10951105
AdjustTimeForTypmod(&result, typmod);
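Review bot: in the non-HAVE_INT64_TIMESTAMP branch of time_recv(), the test result < 0 || result > (double) SECS_PER_DAY does not reject NaN, because both comparisons evaluate to false for a NaN read by pq_getmsgfloat8(), so the value reaches AdjustTimeForTypmod() unchecked. Either add an explicit isnan(result) term to the condition or write the test as a negated in-range check, !(result >= 0 && result <= (double) SECS_PER_DAY), which fails closed. The float branch of timetz_recv() has the same condition and needs the same treatment. A short comment noting that the upper bound is inclusive on purpose (a value equal to USECS_PER_DAY or SECS_PER_DAY passes) would also keep a later reader from "fixing" > into >=.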
@@ -1853,11 +1863,29 @@ timetz_recv(PG_FUNCTION_ARGS)
18531863

18541864
#ifdef HAVE_INT64_TIMESTAMP
18551865
result->time = pq_getmsgint64(buf);
1866+
1867+
if (result->time < INT64CONST(0) || result->time > USECS_PER_DAY)
1868+
ereport(ERROR,
1869+
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
1870+
errmsg("time out of range")));
18561871
#else
18571872
result->time = pq_getmsgfloat8(buf);
1873+
1874+
if (result->time < 0 || result->time > (double) SECS_PER_DAY)
1875+
ereport(ERROR,
1876+
(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),
1877+
errmsg("time out of range")));
18581878
#endif
1879+
18591880
result->zone = pq_getmsgint(buf, sizeof(result->zone));
18601881

1882+
/* we allow GMT displacements up to 14:59:59, cf DecodeTimezone() */
1883+
if (result->zone <= -15 * SECS_PER_HOUR ||
1884+
result->zone >= 15 * SECS_PER_HOUR)
1885+
ereport(ERROR,
1886+
(errcode(ERRCODE_INVALID_TIME_ZONE_DISPLACEMENT_VALUE),
1887+
errmsg("time zone displacement out of range")));
1888+
18611889
AdjustTimeForTypmod(&(result->time), typmod);
18621890

18631891
PG_RETURN_TIMETZADT_P(result);
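Review bot: the zone limit at result->zone <= -15 * SECS_PER_HOUR || result->zone >= 15 * SECS_PER_HOUR is tied to DecodeTimezone() only by the comment above it, so the binary and textual limits can drift apart if one of them is changed later. A shared macro for the maximum displacement, used both here and in the textual parser, would make the coupling enforceable rather than documented. Separately, the time range test in this hunk is a copy of the one added to time_recv(); moving it into a small static helper would leave one place to maintain instead of four, under both #ifdef branches.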
