unofficial mirror of notmuch@notmuchmail.org
 help / color / mirror / code / Atom feed
* [PATCH 1/2] test: add known broken test with timestamp beyond 2038
@ 2020-02-08  1:49 Peter Wang
  2020-02-08  1:49 ` [PATCH 2/2] sprinter: change integer method to use int64_t Peter Wang
  0 siblings, 1 reply; 4+ messages in thread
From: Peter Wang @ 2020-02-08  1:49 UTC (permalink / raw)
  To: notmuch

---
 test/T160-json.sh | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/test/T160-json.sh b/test/T160-json.sh
index 004adb4e..ec1b5adb 100755
--- a/test/T160-json.sh
+++ b/test/T160-json.sh
@@ -64,6 +64,21 @@ test_expect_equal_json "$output" "[{\"thread\": \"XXX\",
  \"tags\": [\"inbox\",
  \"unread\"]}]"
 
+test_begin_subtest "Search message: json, 64-bit timestamp"
+test_subtest_known_broken
+add_message "[subject]=\"json-search-64bit-timestamp-subject\"" "[date]=\"Tue, 01 Jan 2999 12:00:00 -0000\"" "[body]=\"json-search-64bit-timestamp-message\""
+output=$(notmuch search --format=json "json-search-64bit-timestamp-message" | notmuch_search_sanitize)
+test_expect_equal_json "$output" "[{\"thread\": \"XXX\",
+ \"timestamp\": 32472187200,
+ \"date_relative\": \"the future\",
+ \"matched\": 1,
+ \"total\": 1,
+ \"authors\": \"Notmuch Test Suite\",
+ \"subject\": \"json-search-64bit-timestamp-subject\",
+ \"query\": [\"id:$gen_msg_id\", null],
+ \"tags\": [\"inbox\",
+ \"unread\"]}]"
+
 test_begin_subtest "Format version: too low"
 test_expect_code 20 "notmuch search --format-version=0 \\*"
 
-- 
2.25.0

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH 2/2] sprinter: change integer method to use int64_t
  2020-02-08  1:49 [PATCH 1/2] test: add known broken test with timestamp beyond 2038 Peter Wang
@ 2020-02-08  1:49 ` Peter Wang
  2020-02-13 23:13   ` David Bremner
  0 siblings, 1 reply; 4+ messages in thread
From: Peter Wang @ 2020-02-08  1:49 UTC (permalink / raw)
  To: notmuch

In particular, timestamps beyond 2038 could overflow the sprinter
interface on systems where time_t is 64-bit but 'int' is a signed 32-bit
integer type.
---
 sprinter-json.c   | 5 +++--
 sprinter-sexp.c   | 5 +++--
 sprinter-text.c   | 5 +++--
 sprinter.h        | 2 +-
 test/T160-json.sh | 1 -
 5 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/sprinter-json.c b/sprinter-json.c
index c6ec8577..273bdeca 100644
--- a/sprinter-json.c
+++ b/sprinter-json.c
@@ -1,3 +1,4 @@
+#include <inttypes.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <talloc.h>
@@ -124,11 +125,11 @@ json_string (struct sprinter *sp, const char *val)
 }
 
 static void
-json_integer (struct sprinter *sp, int val)
+json_integer (struct sprinter *sp, int64_t val)
 {
     struct sprinter_json *spj = json_begin_value (sp);
 
-    fprintf (spj->stream, "%d", val);
+    fprintf (spj->stream, "%"PRId64, val);
 }
 
 static void
diff --git a/sprinter-sexp.c b/sprinter-sexp.c
index 6891ea42..35c007d5 100644
--- a/sprinter-sexp.c
+++ b/sprinter-sexp.c
@@ -18,6 +18,7 @@
  * Author: Peter Feigl <peter.feigl@gmx.at>
  */
 
+#include <inttypes.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <talloc.h>
@@ -161,11 +162,11 @@ sexp_keyword (struct sprinter *sp, const char *val)
 }
 
 static void
-sexp_integer (struct sprinter *sp, int val)
+sexp_integer (struct sprinter *sp, int64_t val)
 {
     struct sprinter_sexp *sps = sexp_begin_value (sp);
 
-    fprintf (sps->stream, "%d", val);
+    fprintf (sps->stream, "%"PRId64, val);
 }
 
 static void
diff --git a/sprinter-text.c b/sprinter-text.c
index 648b54b1..7b68f98c 100644
--- a/sprinter-text.c
+++ b/sprinter-text.c
@@ -1,3 +1,4 @@
+#include <inttypes.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <talloc.h>
@@ -44,11 +45,11 @@ text_string (struct sprinter *sp, const char *val)
 }
 
 static void
-text_integer (struct sprinter *sp, int val)
+text_integer (struct sprinter *sp, int64_t val)
 {
     struct sprinter_text *sptxt = (struct sprinter_text *) sp;
 
-    fprintf (sptxt->stream, "%d", val);
+    fprintf (sptxt->stream, "%"PRId64, val);
 }
 
 static void
diff --git a/sprinter.h b/sprinter.h
index 182b1a8b..528d8a2d 100644
--- a/sprinter.h
+++ b/sprinter.h
@@ -33,7 +33,7 @@ typedef struct sprinter {
      */
     void (*string)(struct sprinter *, const char *);
     void (*string_len)(struct sprinter *, const char *, size_t);
-    void (*integer)(struct sprinter *, int);
+    void (*integer)(struct sprinter *, int64_t);
     void (*boolean)(struct sprinter *, bool);
     void (*null)(struct sprinter *);
 
diff --git a/test/T160-json.sh b/test/T160-json.sh
index ec1b5adb..d975efa7 100755
--- a/test/T160-json.sh
+++ b/test/T160-json.sh
@@ -65,7 +65,6 @@ test_expect_equal_json "$output" "[{\"thread\": \"XXX\",
  \"unread\"]}]"
 
 test_begin_subtest "Search message: json, 64-bit timestamp"
-test_subtest_known_broken
 add_message "[subject]=\"json-search-64bit-timestamp-subject\"" "[date]=\"Tue, 01 Jan 2999 12:00:00 -0000\"" "[body]=\"json-search-64bit-timestamp-message\""
 output=$(notmuch search --format=json "json-search-64bit-timestamp-message" | notmuch_search_sanitize)
 test_expect_equal_json "$output" "[{\"thread\": \"XXX\",
-- 
2.25.0

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] sprinter: change integer method to use int64_t
  2020-02-08  1:49 ` [PATCH 2/2] sprinter: change integer method to use int64_t Peter Wang
@ 2020-02-13 23:13   ` David Bremner
  2020-02-20 17:23     ` Daniel Kahn Gillmor
  0 siblings, 1 reply; 4+ messages in thread
From: David Bremner @ 2020-02-13 23:13 UTC (permalink / raw)
  To: Peter Wang, notmuch

Peter Wang <novalazy@gmail.com> writes:

> In particular, timestamps beyond 2038 could overflow the sprinter
> interface on systems where time_t is 64-bit but 'int' is a signed 32-bit
> integer type.

Series pushed to master.

d

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] sprinter: change integer method to use int64_t
  2020-02-13 23:13   ` David Bremner
@ 2020-02-20 17:23     ` Daniel Kahn Gillmor
  0 siblings, 0 replies; 4+ messages in thread
From: Daniel Kahn Gillmor @ 2020-02-20 17:23 UTC (permalink / raw)
  To: David Bremner, Peter Wang, notmuch

[-- Attachment #1: Type: text/plain, Size: 593 bytes --]

On Thu 2020-02-13 19:13:51 -0400, David Bremner wrote:
> Peter Wang <novalazy@gmail.com> writes:
>
>> In particular, timestamps beyond 2038 could overflow the sprinter
>> interface on systems where time_t is 64-bit but 'int' is a signed 32-bit
>> integer type.
>
> Series pushed to master.

I'm a bit slow following up on this, but just wanted to say thanks to
Peter for his fix here.  This kind of additional robustness is
definitely appreciated, even well before Y2038.  And especially in the
face of malicious input, which is basically the only thing that notmuch
deals with!

       --dkg

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-02-20 18:56 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-02-08  1:49 [PATCH 1/2] test: add known broken test with timestamp beyond 2038 Peter Wang
2020-02-08  1:49 ` [PATCH 2/2] sprinter: change integer method to use int64_t Peter Wang
2020-02-13 23:13   ` David Bremner
2020-02-20 17:23     ` Daniel Kahn Gillmor

Code repositories for project(s) associated with this public inbox

	https://yhetil.org/notmuch.git/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).