parsedate.c: fix a numeric overflow

1 files changed, 23 insertions, 2 deletions

diff --git a/lib/parsedate.c b/lib/parsedate.c
index ec60e78e7..b6079bc8f 100644
--- a/lib/parsedate.c
+++ b/lib/parsedate.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -75,6 +75,10 @@
 
 #include "setup.h"
 
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
 #include <curl/curl.h>
 #include "rawstr.h"
 #include "warnless.h"
@@ -392,7 +396,24 @@ static int parsedate(const char *date, time_t *output)
         secnum = 0;
       }
       else {
-        val = curlx_sltosi(strtol(date, &end, 10));
+        long lval;
+        int error;
+        int old_errno;
+
+        old_errno = ERRNO;
+        SET_ERRNO(0);
+        lval = strtol(date, &end, 10);
+        error = ERRNO;
+        if(error != old_errno)
+          SET_ERRNO(old_errno);
+
+        if(error)
+          return PARSEDATE_FAIL;
+
+        if((lval > (long)INT_MAX) || (lval < (long)INT_MIN))
+          return PARSEDATE_FAIL;
+
+        val = curlx_sltosi(lval);
 
         if((tzoff == -1) &&
            ((end - date) == 4) &&