diff options
author | Ed Tanous <edtanous@google.com> | 2022-06-28 23:50:00 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2022-07-09 17:08:03 +0300 |
commit | b2f7609b48eb058f973a989593daf3dea24b4063 (patch) | |
tree | 788bb3a11b778cfca7993efa31707c97c8b9c4b3 /redfish-core | |
parent | 6d6574c965d2e10ce97a219da7d61605b21dd716 (diff) | |
download | bmcweb-b2f7609b48eb058f973a989593daf3dea24b4063.tar.xz |
Fix undefined behavior in timestamp parsing
If this algorithm ever processed a string where the + came before the .,
then dot - plus would render a negative, and overflow, causing a crash.
In practice, this doesn't happen.
Tested: Inspection only at this time. Difficult to trigger error.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic7f5153d144ac551118c4f4b2d61f82626ac3779
Diffstat (limited to 'redfish-core')
-rw-r--r-- | redfish-core/include/event_service_manager.hpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/redfish-core/include/event_service_manager.hpp b/redfish-core/include/event_service_manager.hpp index 1785828444..7e249ba3a8 100644 --- a/redfish-core/include/event_service_manager.hpp +++ b/redfish-core/include/event_service_manager.hpp @@ -247,7 +247,7 @@ inline int formatEventLogEntry(const std::string& logEntryID, // RFC3339 format which matches the Redfish format except for the // fractional seconds between the '.' and the '+', so just remove them. std::size_t dot = timestamp.find_first_of('.'); - std::size_t plus = timestamp.find_first_of('+'); + std::size_t plus = timestamp.find_first_of('+', dot); if (dot != std::string::npos && plus != std::string::npos) { timestamp.erase(dot, plus - dot); |