Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Some panic cases found by afl.rs #1010

Closed
Koral77 opened this issue Apr 5, 2023 · 8 comments
Closed

Some panic cases found by afl.rs #1010

Koral77 opened this issue Apr 5, 2023 · 8 comments

Comments

@Koral77
Copy link

Koral77 commented Apr 5, 2023

I've using afl.rs to fuzz this crate. And I've found several APIs may panic due to arithmetic overflow.

The code to replay these panics are

let _local0 = chrono::naive::NaiveDateTime::from_timestamp_opt(-4227854320, 1678774288);
let _local1 = chrono::Duration::microseconds(-7019067213869040);
let _local2_param0_helper1 = _local0.unwrap();
chrono::DurationRound::duration_trunc(_local2_param0_helper1, _local1);
let _local0 = chrono::naive::NaiveDateTime::from_timestamp_opt(320041586, 1920103021);
let _local1 = chrono::Duration::nanoseconds(-8923838508697114584);
let _local2_param0_helper1 = _local0.unwrap();
chrono::DurationRound::duration_round(_local2_param0_helper1, _local1);
let _local0 = chrono::naive::NaiveDateTime::from_timestamp_opt(-2621440, 0);
let _local1 = chrono::Duration::nanoseconds(-9223372036854771421);
let _local2_param0_helper1 = _local0.unwrap();
chrono::DurationRound::duration_round(_local2_param0_helper1, _local1);
let _local0 = chrono::naive::NaiveDateTime::from_timestamp_opt(-502509993984, 64);
let _local1_param0_helper1 = _local0.unwrap();
chrono::Datelike::with_ordinal0(&(_local1_param0_helper1), 4294967295);
let _local0 = chrono::naive::NaiveDateTime::from_timestamp_opt(-754576364, 336909572);
let _local1_param0_helper1 = _local0.unwrap();
chrono::Datelike::with_day0(&(_local1_param0_helper1), 4294967295);
let _local0 = chrono::naive::NaiveDateTime::from_timestamp(-8377300, 742391807);
chrono::Datelike::with_month0(&(_local0), 4294967295);
chrono::Datelike::with_month(&(_local0), 4294967295);
let _local0 = chrono::naive::NaiveDateTime::from_timestamp(-11676614656, 15282199);
chrono::naive::NaiveDateTime::timestamp_nanos(&(&_local0));

Besides, I've found an not a char boundary error. The code to replay the panic is

chrono::naive::NaiveDateTime::parse_from_str("\u{c}SUN\u{e}\u{3000}\0m@J\u{3000}\0\u{3000}\0m\u{c}!\u{c}\u{b}\u{c}\u{c}\u{c}\u{c}%A\u{c}\u{b}\0SU\u{c}\u{c}",
"\u{c}\u{c}%A\u{c}\u{b}\0SUN\u{c}\u{c}\u{c}SUNN\u{c}\u{c}\u{c}SUN\u{c}\u{c}!\u{c}\u{b}\u{c}\u{c}\u{c}\u{c}%A\u{c}\u{b}%a");
let _local1 = chrono::offset::FixedOffset::east_opt(17367308);
let _local2_param0_helper1 = _local1.unwrap();
chrono::offset::Offset::fix(&(_local2_param0_helper1));

The simple bug report is like this.
image
I hope you will check if this is an actually bug. Thanks a lot.

@jtmoon79
Copy link
Contributor

jtmoon79 commented Apr 5, 2023

Great find. Thanks @Koral77 !

Is it possible to share the project code for this, as a .zip or .tgz file? Or a small repository of your own?

@Koral77
Copy link
Author

Koral77 commented Apr 5, 2023

@jtmoon79 Thank you for your reply. The replay codes are put on replay_files.

@jtmoon79
Copy link
Contributor

jtmoon79 commented Apr 5, 2023

Thanks @Koral77 .

For future note, at some time those files in https://github.com/Koral77/replay_files/tree/main/replays/chrono should be made into test cases within the chrono repository. That task is open to anyone that wants to spend the time on it! 🙂

@pitdicker
Copy link
Collaborator

To update this issue: of the 8 cases there are 4 left.

  • One involves a panic in timestamp_nanos. This is working as intended (but it would be nice to document the panic here and for other methods that can panic).
  • Three involve duration_trunc and duration_round.

@jtmoon79
Copy link
Contributor

For future note, at some time those files in https://github.com/Koral77/replay_files/tree/main/replays/chrono should be made into test cases within the chrono repository. That task is open to anyone that wants to spend the time on it! 🙂

PR with test cases #1091

jtmoon79 added a commit to jtmoon79/chrono that referenced this issue May 28, 2023
@pitdicker
Copy link
Collaborator

A fix for the last three issues was merged in #1093.

@djc
Copy link
Member

djc commented Jun 2, 2023

Are you saying this issue can be closed because all the issues covered here have been addressed?

@pitdicker
Copy link
Collaborator

Yes.

@djc djc closed this as completed Jun 2, 2023
crapStone pushed a commit to Calciumdibromid/CaBr2 that referenced this issue Jun 12, 2023
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [chrono](https://github.com/chronotope/chrono) | dependencies | patch | `0.4.24` -> `0.4.26` |

---

### Release Notes

<details>
<summary>chronotope/chrono</summary>

### [`v0.4.26`](https://github.com/chronotope/chrono/releases/tag/v0.4.26): 0.4.26

[Compare Source](chronotope/chrono@v0.4.25...v0.4.26)

The changes from [#&#8203;807](chronotope/chrono#807) we merged for 0.4.25 unfortunately restricted parsing in a way that was incompatible with earlier 0.4.x releases. We reverted this in [#&#8203;1113](chronotope/chrono#1113). A small amount of other changes were merged since.

-   Update README ([#&#8203;1111](chronotope/chrono#1111), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Revert backport of [#&#8203;807](chronotope/chrono#807) ([#&#8203;1113](chronotope/chrono#1113), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Update to 2021 edition ([#&#8203;1109](chronotope/chrono#1109), thanks to [@&#8203;tottoto](https://github.com/tottoto))
-   Fix `DurationRound` panics from issue [#&#8203;1010](chronotope/chrono#1010) ([#&#8203;1093](chronotope/chrono#1093), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   tests: date path consolidate (branch 0.4.x) ([#&#8203;1090](chronotope/chrono#1090), thanks to [@&#8203;jtmoon79](https://github.com/jtmoon79))
-   Parse tests nanosecond bare dot (branch 0.4.x) ([#&#8203;1098](chronotope/chrono#1098), thanks to [@&#8203;jtmoon79](https://github.com/jtmoon79))
-   yamllint cleanup lint.yml test.yml ([#&#8203;1102](chronotope/chrono#1102), thanks to [@&#8203;jtmoon79](https://github.com/jtmoon79))
-   Remove num-iter dependency ([#&#8203;1107](chronotope/chrono#1107), thanks to [@&#8203;tottoto](https://github.com/tottoto))

Thanks on behalf of the chrono team ([@&#8203;djc](https://github.com/djc) and [@&#8203;esheppa](https://github.com/esheppa)) to all contributors!

### [`v0.4.25`](https://github.com/chronotope/chrono/releases/tag/v0.4.25): 0.4.25

[Compare Source](chronotope/chrono@v0.4.24...v0.4.25)

Time for another maintenance release. This release bumps the MSRV to 1.56; given MSRV bumps in chrono's dependencies (notably for syn 2), we felt that it no longer made sense to support any older versions. Feedback welcome in our issue tracker!

##### Additions

-   Bump the MSRV to 1.56 ([#&#8203;1053](chronotope/chrono#1053))
-   Apply comments from MSRV bump ([#&#8203;1026](chronotope/chrono#1026), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Remove num-integer dependency ([#&#8203;1037](chronotope/chrono#1037), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Add `NaiveDateTime::and_utc()` method ([#&#8203;952](chronotope/chrono#952), thanks to [@&#8203;klnusbaum](https://github.com/klnusbaum))
-   derive `Hash` for most pub types that also derive `PartialEq` ([#&#8203;938](chronotope/chrono#938), thanks to [@&#8203;bruceg](https://github.com/bruceg))
-   Add `parse_and_remainder()` methods ([#&#8203;1011](chronotope/chrono#1011), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Add `DateTime::fix_offset()` ([#&#8203;1030](chronotope/chrono#1030), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Add `#[track_caller]` to `LocalResult::unwrap` ([#&#8203;1046](chronotope/chrono#1046), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Add `#[must_use]` to some methods ([#&#8203;1007](chronotope/chrono#1007), thanks to [@&#8203;aceArt-GmbH](https://github.com/aceArt-GmbH))
-   Implement `PartialOrd` for `Month` ([#&#8203;999](chronotope/chrono#999), thanks to [@&#8203;Munksgaard](https://github.com/Munksgaard))
-   Add `impl From<NaiveDateTime> for NaiveDate` ([#&#8203;1012](chronotope/chrono#1012), thanks to [@&#8203;pezcore](https://github.com/pezcore))
-   Extract timezone info from tzdata file on Android ([#&#8203;978](chronotope/chrono#978), thanks to [@&#8203;RumovZ](https://github.com/RumovZ))

##### Fixes

-   Prevent string slicing inside char boundaries ([#&#8203;1024](chronotope/chrono#1024), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   fix IsoWeek so that its flags are always correct ([#&#8203;991](chronotope/chrono#991), thanks to [@&#8203;moshevds](https://github.com/moshevds))
-   Fix out-of-range panic in `NaiveWeek::last_day` ([#&#8203;1070](chronotope/chrono#1070), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Use correct offset in conversion from `Local` to `FixedOffset` ([#&#8203;1041](chronotope/chrono#1041), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Fix military timezones in RFC 2822 parsing ([#&#8203;1013](chronotope/chrono#1013), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Guard against overflow in NaiveDate::with_\*0 methods ([#&#8203;1023](chronotope/chrono#1023), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Fix panic in from_num_days_from_ce_opt ([#&#8203;1052](chronotope/chrono#1052), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))

##### Refactoring

-   Rely on std for getting local time offset ([#&#8203;1072](chronotope/chrono#1072), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Make functions in internals const ([#&#8203;1043](chronotope/chrono#1043), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Refactor windows module in `Local` ([#&#8203;992](chronotope/chrono#992), thanks to [@&#8203;nekevss](https://github.com/nekevss))
-   Simplify from_timestamp_millis, from_timestamp_micros ([#&#8203;1032](chronotope/chrono#1032), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Backport [#&#8203;983](chronotope/chrono#983) and [#&#8203;1000](chronotope/chrono#1000) ([#&#8203;1063](chronotope/chrono#1063), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))

##### Documentation

-   Backport documentation improvements ([#&#8203;1066](chronotope/chrono#1066), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Add documentation for %Z quirk ([#&#8203;1051](chronotope/chrono#1051), thanks to [@&#8203;campbellcole](https://github.com/campbellcole))
-   Add an example to Weekday ([#&#8203;1019](chronotope/chrono#1019), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))

##### Internal improvements

-   Gate test on `clock` feature ([#&#8203;1061](chronotope/chrono#1061), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   CI: Also run tests with `--no-default-features` ([#&#8203;1059](chronotope/chrono#1059), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Prevent `bench_year_flags_from_year` from being optimized out ([#&#8203;1034](chronotope/chrono#1034), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Fix test_leap_second during DST transition ([#&#8203;1064](chronotope/chrono#1064), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Fix warnings when running tests on Windows ([#&#8203;1038](chronotope/chrono#1038), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Fix tests on AIX ([#&#8203;1028](chronotope/chrono#1028), thanks to [@&#8203;ecnelises](https://github.com/ecnelises))
-   Fix doctest warnings, remove mention of deprecated methods from main doc ([#&#8203;1081](chronotope/chrono#1081), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Reformat `test_datetime_parse_from_str` ([#&#8203;1078](chronotope/chrono#1078), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   GitHub yml shell `set -eux`, use bash ([#&#8203;1103](chronotope/chrono#1103), thanks to [@&#8203;jtmoon79](https://github.com/jtmoon79))
-   test: explicitly set `LANG` to `c` in gnu `date` ([#&#8203;1089](chronotope/chrono#1089), thanks to [@&#8203;scarf005](https://github.com/scarf005))
-   Switch test to `TryFrom` ([#&#8203;1086](chronotope/chrono#1086), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   Add test for issue 551 ([#&#8203;1020](chronotope/chrono#1020), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   RFC 2822 single-letter obsolete tests ([#&#8203;1014](chronotope/chrono#1014), thanks to [@&#8203;jtmoon79](https://github.com/jtmoon79))
-   \[CI] Lint Windows target and documentation links ([#&#8203;1062](chronotope/chrono#1062), thanks to [@&#8203;pitdicker](https://github.com/pitdicker))
-   add test_issue\_866 ([#&#8203;1077](chronotope/chrono#1077), thanks to [@&#8203;jtmoon79](https://github.com/jtmoon79))
-   Remove AUTHORS metadata ([#&#8203;1074](chronotope/chrono#1074))

On behalf of [@&#8203;djc](https://github.com/djc) and [@&#8203;esheppa](https://github.com/esheppa), thanks to all contributors!

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMDUuMSIsInVwZGF0ZWRJblZlciI6IjM1LjExNS4yIiwidGFyZ2V0QnJhbmNoIjoiZGV2ZWxvcCJ9-->

Co-authored-by: cabr2-bot <cabr2.help@gmail.com>
Reviewed-on: https://codeberg.org/Calciumdibromid/CaBr2/pulls/1909
Reviewed-by: crapStone <crapstone@noreply.codeberg.org>
Co-authored-by: Calciumdibromid Bot <cabr2_bot@noreply.codeberg.org>
Co-committed-by: Calciumdibromid Bot <cabr2_bot@noreply.codeberg.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants