Coverage Report

Created: 2023-06-07 06:47

/src/sudo/plugins/sudoers/gentime.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * SPDX-License-Identifier: ISC
3
 *
4
 * Copyright (c) 2017, 2021 Todd C. Miller <Todd.Miller@sudo.ws>
5
 *
6
 * Permission to use, copy, modify, and distribute this software for any
7
 * purpose with or without fee is hereby granted, provided that the above
8
 * copyright notice and this permission notice appear in all copies.
9
 *
10
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
 */
18
19
/*
20
 * This is an open source non-commercial project. Dear PVS-Studio, please check it.
21
 * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
22
 */
23
24
#include <config.h>
25
26
#include <stdio.h>
27
#include <stdlib.h>
28
#ifdef HAVE_STDBOOL_H
29
# include <stdbool.h>
30
#else
31
# include "compat/stdbool.h"
32
#endif /* HAVE_STDBOOL_H */
33
#include <string.h>
34
#include <ctype.h>
35
#include <time.h>
36
37
#include "sudo_compat.h"
38
#include "sudoers_debug.h"
39
#include "parse.h"
40
41
/* Since timegm() is only used in one place we keep the macro local. */
42
#ifndef HAVE_TIMEGM
43
# define timegm(_t) sudo_timegm(_t)
44
#endif
45
46
/*
47
 * Parse a timestamp in Generalized Time format as per RFC4517.
48
 * E.g. yyyymmddHHMMSS.FZ or yyyymmddHHMMSS.F[+-]TZOFF
49
 * where minutes, seconds and fraction are optional.
50
 * Returns the time in Unix time format or -1 on error.
51
 */
52
time_t
53
parse_gentime(const char *timestr)
54
0
{
55
0
    char tcopy[sizeof("yyyymmddHHMMSS")];
56
0
    const char *cp;
57
0
    time_t result;
58
0
    struct tm tm;
59
0
    size_t len;
60
0
    int items, tzoff = 0;
61
0
    bool islocal = false;
62
0
    debug_decl(parse_gentime, SUDOERS_DEBUG_PARSER);
63
64
    /* Make a copy of the non-fractional time without zone for easy parsing. */
65
0
    len = strspn(timestr, "0123456789");
66
0
    if (len >= sizeof(tcopy) || len < sizeof("yyyymmddHH") -1 || (len & 1)) {
67
0
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
68
0
      "unable to parse general time string %s", timestr);
69
0
  debug_return_time_t(-1);
70
0
    }
71
0
    memcpy(tcopy, timestr, len);
72
0
    tcopy[len] = '\0';
73
74
    /* Parse general time, ignoring the timezone for now. */
75
0
    memset(&tm, 0, sizeof(tm));
76
0
    items = sscanf(tcopy, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon,
77
0
  &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
78
0
    if (items == EOF || items < 4) {
79
0
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
80
0
      "only parsed %d items in general time string %s", items, timestr); 
81
0
  debug_return_time_t(-1);
82
0
    }
83
84
    /* Parse optional fractional hours/minute/second if present. */
85
0
    cp = timestr + len;
86
0
    if ((cp[0] == '.' || cp[0] == ',') && isdigit((unsigned char)cp[1])) {
87
0
  int frac = cp[1] - '0';
88
0
  switch (items) {
89
0
  case 4:
90
      /* convert fractional hour -> minutes */
91
0
      tm.tm_min += 60 / 10 * frac;
92
0
      break;
93
0
  case 5:
94
      /* convert fractional minute -> seconds */
95
0
      tm.tm_sec += 60 / 10 * frac;
96
0
      break;
97
0
  case 6:
98
      /* ignore fractional second */
99
0
      break;
100
0
  }
101
0
  cp += 2;  /* skip over radix and fraction */
102
0
    }
103
104
    /* Parse optional time zone. */
105
0
    switch (*cp) {
106
0
    case '-':
107
0
    case '+': {
108
0
  int hour = 0, min = 0;
109
110
  /* No DST */
111
0
  tm.tm_isdst = 0;
112
  /* time zone offset must be hh or hhmm */
113
0
  len = strspn(cp + 1, "0123456789");
114
0
  if (len != 2 && len != 4) {
115
0
      sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
116
0
    "unable to parse time zone offset in %s, bad tz offset",
117
0
    timestr);
118
0
      debug_return_time_t(-1);
119
0
  }
120
  /* parse time zone offset */
121
0
  items = sscanf(cp + 1, "%2d%2d", &hour, &min);
122
0
  if (items == EOF || items < 1) {
123
0
      sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
124
0
    "unable to parse time zone offset in %s, items %d",
125
0
    timestr, items);
126
0
      debug_return_time_t(-1);
127
0
  }
128
0
  if (*cp == '-')
129
0
      tzoff = -((hour * 60) + min) * 60;
130
0
  else
131
0
      tzoff = ((hour * 60) + min) * 60;
132
0
  cp += 1 + (items * 2);
133
0
  break;
134
0
    }
135
0
    case 'Z':
136
  /* GMT/UTC, no DST */
137
0
  tm.tm_isdst = 0;
138
0
  cp++;
139
0
  break;
140
0
    case '\0':
141
  /* no zone specified, use local time */
142
0
  tm.tm_isdst = -1;
143
0
  islocal = true;
144
0
  break;
145
0
    default:
146
0
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
147
0
      "unable to parse general time string %s", timestr);
148
0
  debug_return_time_t(-1);
149
0
    }
150
0
    if (*cp != '\0') {
151
0
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
152
0
      "trailing garbage in general time string %s", timestr);
153
0
  debug_return_time_t(-1);
154
0
    }
155
156
    /* Adjust from Generalized Time to struct tm */
157
0
    tm.tm_year -= 1900;
158
0
    tm.tm_mon--;
159
160
0
    if (islocal) {
161
0
  result = mktime(&tm);
162
0
    } else {
163
0
  result = timegm(&tm);
164
0
  if (result != -1) {
165
      /* Adjust time based on supplied GMT offset. */
166
0
      result -= tzoff;
167
0
  }
168
0
    }
169
170
0
    debug_return_time_t(result);
171
0
}