This is an automated email from the ASF dual-hosted git repository. swebb2066 pushed a commit to branch oss_fuzz_guards in repository https://gitbox.apache.org/repos/asf/logging-log4cxx.git
commit 3817f652badb18514d6e2649bc826878144edae5 Author: Stephen Webb <[email protected]> AuthorDate: Tue Feb 4 18:13:13 2025 +1100 Check a pattern layout timezone offset is in a reasonable range --- src/main/cpp/timezone.cpp | 12 ++++++++---- src/test/cpp/pattern/patternparsertestcase.cpp | 3 +++ 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/src/main/cpp/timezone.cpp b/src/main/cpp/timezone.cpp index 0169a80a..27a20c89 100644 --- a/src/main/cpp/timezone.cpp +++ b/src/main/cpp/timezone.cpp @@ -23,6 +23,7 @@ #include <apr_time.h> #include <apr_pools.h> #include <apr_strings.h> +#include <log4cxx/helpers/exception.h> #include <log4cxx/helpers/transcoder.h> #include <log4cxx/helpers/stringhelper.h> #include <log4cxx/helpers/pool.h> @@ -241,10 +242,13 @@ const TimeZonePtr TimeZone::getTimeZone( const LogString& id ) } // Make sure that our offset can't be crazy - if( hours > 14 ){ - hours = 14; - }else if( hours < -12 ){ - hours = -12; + if( hours < -12 || 14 < hours) + { + throw RuntimeException(LOG4CXX_STR("Hour offset must be in (-12..14)")); + } + if (minutes < 0 || 60 < minutes) + { + throw RuntimeException(LOG4CXX_STR("Minute offset must be in (0..60)")); } LogString s(gmt); diff --git a/src/test/cpp/pattern/patternparsertestcase.cpp b/src/test/cpp/pattern/patternparsertestcase.cpp index 88db4116..4a4d88c7 100644 --- a/src/test/cpp/pattern/patternparsertestcase.cpp +++ b/src/test/cpp/pattern/patternparsertestcase.cpp @@ -275,6 +275,9 @@ public: assertFormattedEquals(LOG4CXX_STR("%d{HH:mm:ss}{GMT} %d{HH:mm:ss}{GMT-X} %c - %m"), getFormatSpecifiers(), expected); + assertFormattedEquals(LOG4CXX_STR("%d{HH:mm:ss}{GMT} %d{HH:mm:ss}{GMT-1:62222222} %c - %m"), + getFormatSpecifiers(), + expected); } void testThreadUsername()
