[ruby-core:111571] [Ruby master Bug#19296] Time.new's argument check is incomplete
Issue #19296 has been reported by matsuda (Akira Matsuda). ---------------------------------------- Bug #19296: Time.new's argument check is incomplete https://bugs.ruby-lang.org/issues/19296 * Author: matsuda (Akira Matsuda) * Status: Open * Priority: Normal * ruby -v: ruby 3.3.0dev (2023-01-01T07:39:00Z master 542e984d82) +YJIT [arm64-darwin21] * Backport: 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN ---------------------------------------- `Time.new` seems to be performing some sort of argument checking, but I found some strings that can bypass this validation and craft erroneous Time value. - month ``` '12'.upto('20').each do |m| str = "2023-#{m}-01" puts str begin p Time.new str rescue => e p e end puts end ``` ``` # result 2023-12-01 2023-12-01 00:00:00 +0900 2023-13-01 #<ArgumentError: mon out of range> 2023-14-01 #<ArgumentError: mon out of range> 2023-15-01 #<ArgumentError: mon out of range> 2023-16-01 #<ArgumentError: mon out of range> 2023-17-01 2023-01-01 00:00:00 +0900 2023-18-01 2023-02-01 00:00:00 +0900 2023-19-01 2023-03-01 00:00:00 +0900 2023-20-01 2023-04-01 00:00:00 +0900 ``` - day ``` $ ruby -e 'p Time.new("2023-01-31")' 2023-01-31 00:00:00 +0900 $ ruby -e 'p Time.new("2023-01-32")' <internal:timev>:398:in `initialize': mday out of range (ArgumentError) from -e:1:in `new' from -e:1:in `<main>' $ ruby -e 'p Time.new("2023-01-33")' 2023-01-01 00:00:00 +0900 $ ruby -e 'p Time.new("2023-01-34") 2023-01-02 00:00:00 +0900 ``` In conclusion, month seeems to raise only when the given value is <= 16, and day seems to be checked for <= 32 only. -- https://bugs.ruby-lang.org/
Issue #19296 has been updated by nobu (Nobuyoshi Nakada). Backport changed from 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN to 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: REQUIRED https://github.com/ruby/ruby/pull/7055 ---------------------------------------- Bug #19296: Time.new's argument check is incomplete https://bugs.ruby-lang.org/issues/19296#change-100943 * Author: matsuda (Akira Matsuda) * Status: Open * Priority: Normal * ruby -v: ruby 3.3.0dev (2023-01-01T07:39:00Z master 542e984d82) +YJIT [arm64-darwin21] * Backport: 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: REQUIRED ---------------------------------------- `Time.new` seems to be performing some sort of argument checking, but I found some strings that can bypass this validation and craft erroneous Time value. - month ``` '12'.upto('20').each do |m| str = "2023-#{m}-01" puts str begin p Time.new str rescue => e p e end puts end ``` ``` # result 2023-12-01 2023-12-01 00:00:00 +0900 2023-13-01 #<ArgumentError: mon out of range> 2023-14-01 #<ArgumentError: mon out of range> 2023-15-01 #<ArgumentError: mon out of range> 2023-16-01 #<ArgumentError: mon out of range> 2023-17-01 2023-01-01 00:00:00 +0900 2023-18-01 2023-02-01 00:00:00 +0900 2023-19-01 2023-03-01 00:00:00 +0900 2023-20-01 2023-04-01 00:00:00 +0900 ``` - day ``` $ ruby -e 'p Time.new("2023-01-31")' 2023-01-31 00:00:00 +0900 $ ruby -e 'p Time.new("2023-01-32")' <internal:timev>:398:in `initialize': mday out of range (ArgumentError) from -e:1:in `new' from -e:1:in `<main>' $ ruby -e 'p Time.new("2023-01-33")' 2023-01-01 00:00:00 +0900 $ ruby -e 'p Time.new("2023-01-34") 2023-01-02 00:00:00 +0900 ``` In conclusion, month seeems to raise only when the given value is <= 16, and day seems to be checked for <= 32 only. -- https://bugs.ruby-lang.org/
Issue #19296 has been updated by naruse (Yui NARUSE). Backport changed from 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: REQUIRED to 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: DONE ruby_3_2 52ea5ea9906c3a96c60a68e01b303672602a6832 merged revision(s) 291a4098cf649c027cb50c16b872455f26ad1dfb,5be0d42d2c4dc765230c76738289560f9ee37f09. ---------------------------------------- Bug #19296: Time.new's argument check is incomplete https://bugs.ruby-lang.org/issues/19296#change-101293 * Author: matsuda (Akira Matsuda) * Status: Closed * Priority: Normal * ruby -v: ruby 3.3.0dev (2023-01-01T07:39:00Z master 542e984d82) +YJIT [arm64-darwin21] * Backport: 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: DONE ---------------------------------------- `Time.new` seems to be performing some sort of argument checking, but I found some strings that can bypass this validation and craft erroneous Time value. - month ``` '12'.upto('20').each do |m| str = "2023-#{m}-01" puts str begin p Time.new str rescue => e p e end puts end ``` ``` # result 2023-12-01 2023-12-01 00:00:00 +0900 2023-13-01 #<ArgumentError: mon out of range> 2023-14-01 #<ArgumentError: mon out of range> 2023-15-01 #<ArgumentError: mon out of range> 2023-16-01 #<ArgumentError: mon out of range> 2023-17-01 2023-01-01 00:00:00 +0900 2023-18-01 2023-02-01 00:00:00 +0900 2023-19-01 2023-03-01 00:00:00 +0900 2023-20-01 2023-04-01 00:00:00 +0900 ``` - day ``` $ ruby -e 'p Time.new("2023-01-31")' 2023-01-31 00:00:00 +0900 $ ruby -e 'p Time.new("2023-01-32")' <internal:timev>:398:in `initialize': mday out of range (ArgumentError) from -e:1:in `new' from -e:1:in `<main>' $ ruby -e 'p Time.new("2023-01-33")' 2023-01-01 00:00:00 +0900 $ ruby -e 'p Time.new("2023-01-34") 2023-01-02 00:00:00 +0900 ``` In conclusion, month seeems to raise only when the given value is <= 16, and day seems to be checked for <= 32 only. -- https://bugs.ruby-lang.org/
participants (3)
-
matsuda (Akira Matsuda) -
naruse (Yui NARUSE)
-
nobu (Nobuyoshi Nakada)