strptime: fix overflow in conv_num (fluent#3161)

Signed-off-by: davkor <david@adalogics.com>
hwchiu · Mar 4, 2021 · 7e5b733 · 7e5b733
1 parent c62ad5a
commit 7e5b733
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/src/flb_strptime.c b/src/flb_strptime.c
@@ -709,6 +709,12 @@ _conv_num64(const unsigned char **buf, int64_t *dest, int64_t llim, int64_t ulim
 		result *= 10;
 		result += *(*buf)++ - '0';
 		rulim /= 10;
+        /* watch out for overflows. If value gets above
+         * ((2**64)/2.0)/10.0 then we will overflow. So instead
+         * we return 0 */
+        if (result >= 922337203685477632) {
+            return (0);
+        }
 	} while ((result * 10 <= ulim) && rulim && **buf >= '0' && **buf <= '9');
 
 	if (result < llim || result > ulim)