Paranoia for overflow of sprintf buffer in the year 10000 (#1106)

microsoft · Apr 9, 2019 · c9707ef · c9707ef
1 parent 5583fbb
commit c9707ef
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/Release/src/utilities/asyncrt_utils.cpp b/Release/src/utilities/asyncrt_utils.cpp
@@ -649,6 +649,10 @@ utility::string_t datetime::to_string(date_format format) const
     const int64_t input = static_cast<int64_t>(m_interval / _secondTicks); // convert to seconds
     const int frac_sec = static_cast<int>(m_interval % _secondTicks);
     const time_t time = static_cast<time_t>(input - ntToUnixOffsetSeconds);
+    if (static_cast<uint64_t>(time) > 253370764800ull) {
+        throw std::out_of_range("The requested year exceeds the year 9999.");
+    }
+
     struct tm t;
 #ifdef _MSC_VER
     if (gmtime_s(&t, &time) != 0)