Coverage Report

Created: 2026-02-14 06:04

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/sudo/plugins/sudoers/gentime.c
Line
Count
Source
1
/*
2
 * SPDX-License-Identifier: ISC
3
 *
4
 * Copyright (c) 2017, 2021 Todd C. Miller <Todd.Miller@sudo.ws>
5
 *
6
 * Permission to use, copy, modify, and distribute this software for any
7
 * purpose with or without fee is hereby granted, provided that the above
8
 * copyright notice and this permission notice appear in all copies.
9
 *
10
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
 */
18
19
#include <config.h>
20
21
#include <stdio.h>
22
#include <stdlib.h>
23
#ifdef HAVE_STDBOOL_H
24
# include <stdbool.h>
25
#else
26
# include <compat/stdbool.h>
27
#endif /* HAVE_STDBOOL_H */
28
#include <string.h>
29
#include <ctype.h>
30
#include <time.h>
31
32
#include <sudo_compat.h>
33
#include <sudoers_debug.h>
34
#include <parse.h>
35
36
/* Since timegm() is only used in one place we keep the macro local. */
37
#ifndef HAVE_TIMEGM
38
# define timegm(_t) sudo_timegm(_t)
39
#endif
40
41
/*
42
 * Parse a timestamp in Generalized Time format as per RFC4517.
43
 * E.g. yyyymmddHHMMSS.FZ or yyyymmddHHMMSS.F[+-]TZOFF
44
 * where minutes, seconds and fraction are optional.
45
 * Returns the time in Unix time format or -1 on error.
46
 */
47
time_t
48
parse_gentime(const char *timestr)
49
6.45k
{
50
6.45k
    char tcopy[sizeof("yyyymmddHHMMSS")];
51
6.45k
    const char *cp;
52
6.45k
    time_t result;
53
6.45k
    struct tm tm;
54
6.45k
    size_t len;
55
6.45k
    int items, tzoff = 0;
56
6.45k
    bool islocal = false;
57
6.45k
    debug_decl(parse_gentime, SUDOERS_DEBUG_PARSER);
58
59
    /* Make a copy of the non-fractional time without zone for easy parsing. */
60
6.45k
    len = strspn(timestr, "0123456789");
61
6.45k
    if (len >= sizeof(tcopy) || len < sizeof("yyyymmddHH") -1 || (len & 1)) {
62
2.91k
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
63
2.91k
      "unable to parse general time string %s", timestr);
64
2.91k
  debug_return_time_t(-1);
65
2.91k
    }
66
3.54k
    memcpy(tcopy, timestr, len);
67
3.54k
    tcopy[len] = '\0';
68
69
    /* Parse general time, ignoring the timezone for now. */
70
3.54k
    memset(&tm, 0, sizeof(tm));
71
3.54k
    items = sscanf(tcopy, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon,
72
3.54k
  &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
73
3.54k
    if (items == EOF || items < 4) {
74
0
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
75
0
      "only parsed %d items in general time string %s", items, timestr); 
76
0
  debug_return_time_t(-1);
77
0
    }
78
79
    /* Parse optional fractional hours/minute/second if present. */
80
3.54k
    cp = timestr + len;
81
3.54k
    if ((cp[0] == '.' || cp[0] == ',') && isdigit((unsigned char)cp[1])) {
82
1.27k
  int frac = cp[1] - '0';
83
1.27k
  switch (items) {
84
514
  case 4:
85
      /* convert fractional hour -> minutes */
86
514
      tm.tm_min += 60 / 10 * frac;
87
514
      break;
88
492
  case 5:
89
      /* convert fractional minute -> seconds */
90
492
      tm.tm_sec += 60 / 10 * frac;
91
492
      break;
92
269
  case 6:
93
      /* ignore fractional second */
94
269
      break;
95
1.27k
  }
96
1.27k
  cp += 2;  /* skip over radix and fraction */
97
1.27k
    }
98
99
    /* Parse optional time zone. */
100
3.54k
    switch (*cp) {
101
493
    case '-':
102
1.06k
    case '+': {
103
1.06k
  int hour = 0, min = 0;
104
105
  /* No DST */
106
1.06k
  tm.tm_isdst = 0;
107
  /* time zone offset must be hh or hhmm */
108
1.06k
  len = strspn(cp + 1, "0123456789");
109
1.06k
  if (len != 2 && len != 4) {
110
209
      sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
111
209
    "unable to parse time zone offset in %s, bad tz offset",
112
209
    timestr);
113
209
      debug_return_time_t(-1);
114
209
  }
115
  /* parse time zone offset */
116
856
  items = sscanf(cp + 1, "%2d%2d", &hour, &min);
117
856
  if (items == EOF || items < 1) {
118
0
      sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
119
0
    "unable to parse time zone offset in %s, items %d",
120
0
    timestr, items);
121
0
      debug_return_time_t(-1);
122
0
  }
123
856
  if (*cp == '-')
124
423
      tzoff = -((hour * 60) + min) * 60;
125
433
  else
126
433
      tzoff = ((hour * 60) + min) * 60;
127
856
  cp += 1 + (items * 2);
128
856
  break;
129
856
    }
130
825
    case 'Z':
131
  /* GMT/UTC, no DST */
132
825
  tm.tm_isdst = 0;
133
825
  cp++;
134
825
  break;
135
1.17k
    case '\0':
136
  /* no zone specified, use local time */
137
1.17k
  tm.tm_isdst = -1;
138
1.17k
  islocal = true;
139
1.17k
  break;
140
480
    default:
141
480
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
142
480
      "unable to parse general time string %s", timestr);
143
480
  debug_return_time_t(-1);
144
3.54k
    }
145
2.85k
    if (*cp != '\0') {
146
290
  sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
147
290
      "trailing garbage in general time string %s", timestr);
148
290
  debug_return_time_t(-1);
149
290
    }
150
151
    /* Adjust from Generalized Time to struct tm */
152
2.56k
    tm.tm_year -= 1900;
153
2.56k
    tm.tm_mon--;
154
155
2.56k
    if (islocal) {
156
1.17k
  result = mktime(&tm);
157
1.39k
    } else {
158
1.39k
  result = timegm(&tm);
159
1.39k
  if (result != -1) {
160
      /* Adjust time based on supplied GMT offset. */
161
997
      result -= tzoff;
162
997
  }
163
1.39k
    }
164
165
2.56k
    debug_return_time_t(result);
166
2.56k
}