HowardHinnant/date
1
0
Fork 1
mirror of https://github.com/HowardHinnant/date.git synced 2025-08-04 13:14:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Restrict parse of %Z to valid timezone names and abbrev.

Browse Source
This commit is contained in:
Howard Hinnant
2017-04-13 13:24:57 -04:00
parent 096bad2622
commit 2c094f5559
1 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
date.h
View File

@@ -6134,7 +6134,32 @@ from_stream(std::basic_istream<CharT, Traits>& is, const CharT* fmt,
if (command) if (command)
{ {
if (modified == CharT{}) if (modified == CharT{})
is >> temp_abbrev; {
if (!temp_abbrev.empty())
is.setstate(ios::failbit);
else
{
while (is.rdstate() == std::ios::goodbit)
{
auto i = is.rdbuf()->sgetc();
if (Traits::eq_int_type(i, Traits::eof()))
{
is.setstate(ios::eofbit);
break;
}
auto C = Traits::to_char_type(i);
auto c = static_cast<char>(C);
// is c a valid time zone name or abbreviation character?
if (!(CharT{1} < C && C < CharT{127}) || !(isalnum(c) ||
c == '_' || c == '/' || c == '-' || c == '+'))
break;
temp_abbrev.push_back(c);
is.rdbuf()->sbumpc();
}
if (temp_abbrev.empty())
is.setstate(ios::failbit);
}
}
else else
read(is, CharT{'%'}, width, modified, *fmt); read(is, CharT{'%'}, width, modified, *fmt);
command = nullptr; command = nullptr;