metsw24-max opened a new pull request, #709: URL: https://github.com/apache/logging-log4cxx/pull/709
Prevent out-of-bounds reads in `SimpleDateFormat` when formatting month names, day names, and AM/PM markers from malformed or extreme timestamp values. The formatter previously indexed fixed-size name tables directly using fields from `apr_time_exp_t`: * `tm_mon` * `tm_wday` * `tm_hour / 12` These values are normally within their expected ranges, but APR time expansion can produce out-of-range fields for extreme `apr_time_t` inputs. In those cases, the formatter performed unchecked `std::vector::operator[]` accesses, resulting in out-of-bounds reads. This change introduces a bounds-checked helper and applies it to all affected lookup sites. ## Changes ### Fix Added a bounds-checked helper: ```cpp appendName(LogString&, const std::vector<LogString>&, int) ``` and replaced unchecked indexing in: * abbreviated month names * full month names * abbreviated day names * full day names * AM/PM formatting ### Tests Added regression tests in: ```text src/test/cpp/helpers/simpledateformattestcase.cpp ``` Tests cover: * Normal formatting behavior (`EEE`, `MMM`, `a`) to ensure no functional regression. * Formatting of extreme timestamp values (`INT64_MAX`, `INT64_MIN`, and other edge cases) to verify that formatting remains bounded and does not perform out-of-bounds reads. Registered the new tests in: ```text src/test/cpp/helpers/CMakeLists.txt ``` ## Validation Verified using an AddressSanitizer build. ### With this patch * All tests pass successfully. * No sanitizer findings. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
