Fix integer overflows in timelib

ndossche · ndossche · commit 559eb7ff266b · 2024-12-06T18:56:57.000+01:00
There are edge cases where computations can cause an integer overflow, which is undefined behaviour. Lately, some fuzzers seem to be hitting these quite frequently. While this behaviour is undefined, it doesn't actually matter in practice, the worst effect is having a wrong computation result, but no sane person would do computations on e.g. the year pow(2,63). Still, undefined behaviour is bad. Make the wrapping behaviour defined by using -fwrapv when possible. The scope of this is limited to timelib and doesn't affect php_date.c. The reason for this is that this may in theory prevent some optimizations and it also seems bad to affect code that lives so close to the PHP-native edge. I tested all issues. This fixes all but one issues, the remaining issue is in php_date.c. Fixes phpGH-13881. Fixes phpGH-14075. Fixes phpGH-15150. Fixes phpGH-16034. Fixes phpGH-16035. Fixes phpGH-16048. Fixes phpGH-16050. Fixes phpGH-16051. Fixes phpGH-16052. Fixes phpGH-16775. Fixes phpGH-16864. Fixes phpGH-16865. Fixes phpGH-16975. Fixes phpGH-17025. Fixes phpGH-17059. Closes phpGH-17060.
diff --git a/NEWS b/NEWS
@@ -16,6 +16,10 @@ PHP                                                                        NEWS
 - Curl:
   . Added curl_multi_get_handles(). (timwolla)
 
+- Date:
+  . Fix undefined behaviour problems regarding integer overflow in extreme edge
+    cases. (nielsdos, cmb, ilutov)
+
 - DOM:
   . Added Dom\Element::$outerHTML. (nielsdos)
   . Added Dom\Element::insertAdjacentHTML(). (nielsdos)
diff --git a/ext/date/config.w32 b/ext/date/config.w32
@@ -5,6 +5,9 @@ PHP_DATE = "yes";
 ADD_SOURCES("ext/date/lib", "astro.c timelib.c dow.c parse_date.c parse_posix.c parse_tz.c tm2unixtime.c unixtime2tm.c parse_iso_intervals.c interval.c", "date");
 
 ADD_FLAG('CFLAGS_DATE', "/wd4244");
+if (CLANG_TOOLSET) {
+    ADD_FLAG('CFLAGS_BD_EXT_DATE_LIB', "-fwrapv");
+}
 
 var tl_config = FSO.CreateTextFile("ext/date/lib/timelib_config.h", true);
 tl_config.WriteLine("#include \"config.w32.h\"");
diff --git a/ext/date/config0.m4 b/ext/date/config0.m4
@@ -8,15 +8,24 @@ AX_CHECK_COMPILE_FLAG([-Wno-implicit-fallthrough],
   [PHP_DATE_CFLAGS="$PHP_DATE_CFLAGS -Wno-implicit-fallthrough"],,
   [-Werror])
 
-PHP_DATE_CFLAGS="$PHP_DATE_CFLAGS -I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1 -DHAVE_TIMELIB_CONFIG_H=1"
+PHP_DATE_CFLAGS="$PHP_DATE_CFLAGS -DHAVE_TIMELIB_CONFIG_H=1"
+PHP_TIMELIB_CFLAGS="$PHP_DATE_CFLAGS"
+PHP_DATE_CFLAGS="$PHP_DATE_CFLAGS -I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1"
+
+AX_CHECK_COMPILE_FLAG([-fwrapv],
+  [PHP_TIMELIB_CFLAGS="$PHP_TIMELIB_CFLAGS -fwrapv"],,
+  [-Werror])
+
 timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c lib/parse_posix.c
                  lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c"
 
 PHP_NEW_EXTENSION([date],
-  [php_date.c $timelib_sources],
+  [php_date.c],
   [no],,
   [$PHP_DATE_CFLAGS])
 
+PHP_ADD_SOURCES([$ext_dir], [$timelib_sources], [$PHP_TIMELIB_CFLAGS])
+
 PHP_ADD_BUILD_DIR([$ext_builddir/lib], [1])
 PHP_ADD_INCLUDE([$ext_builddir/lib])
 PHP_ADD_INCLUDE([$ext_srcdir/lib])
