Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

invalid date can be used if only the 10-digit date string is supplied #956

Closed
ElectricNroff opened this issue Dec 16, 2022 · 0 comments · Fixed by #988
Closed

invalid date can be used if only the 10-digit date string is supplied #956

ElectricNroff opened this issue Dec 16, 2022 · 0 comments · Fixed by #988
Assignees
@slubar

Comments

@ElectricNroff
Copy link
Contributor

Following up on the #817 issue, invalid dates such as February 31 are rejected only if the user chooses to provide a time:

/cve-id?time_reserved.gt=2023-02-31T00:00:00Z
==>
Bad date, or invalid timestamp format: valid format is yyyy-MM-ddTHH:mm:ss or yyyy-MM-ddTHH:mm:ss.ZZZZ

/cve-id?time_reserved.gt=2023-02-31
==>
{"cve_ids":[]}

because

cve-services/src/utils/utils.js

Lines 128 to 137 in 11e75ef

const valid = validateDate(dateStr.toString().substring(0, 10), responseType = 'boolean')
if (valid) {
result = new Date(dateStr)
}
} else {
value = val.match(/^\d{4}-\d{2}-\d{2}$/)
if (value) {
result = new Date(`${value[0]}T00:00:00.000+00:00`)
}
}

puts validateDate outside of the code block where the time is omitted.
@slubar slubar self-assigned this Jan 18, 2023
slubar added a commit that referenced this issue Jan 18, 2023
@slubar
#956 check for valid date when no timestamp is included
45133eb
slubar added a commit that referenced this issue Jan 18, 2023
@slubar
#956 address lint error
ba9391e
jdaigneau5 added a commit that referenced this issue Jan 18, 2023
@jdaigneau5
Merge pull request #988 from CVEProject/srl-956
f8771c8 
#956 check for valid date when no timestamp is included
@slubar slubar linked a pull request Jan 19, 2023 that will close this issue
#956 check for valid date when no timestamp is included #988
Merged
@slubar slubar closed this as completed Jan 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@slubar slubar

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

#956 check for valid date when no timestamp is included CVEProject/cve-services
2 participants
@slubar @ElectricNroff