GitHub/ergo
3
0
Fork 0
mirror of https://github.com/ergochat/ergo.git synced 2025-06-06 23:07:32 +02:00
Code Issues Projects Releases Wiki Activity

improve robustness of timestamp parsing (#2250)

Browse Source 
* Clamp CHATHISTORY timestamp selectors to be in [0, MaxInt64]
* Convert everything to UTC up front (probably a no-op)
This commit is contained in:
Shivaram Lingamneni 2025-04-24 23:37:48 -04:00 committed by GitHub
parent 2cf569c5d9
commit 54b17b0700
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
irc/handlers.go
View File

@ -755,6 +755,14 @@ func chathistoryHandler(server *Server, client *Client, msg ircmsg.Message, rb *
return return
} else if identifier == "timestamp" { } else if identifier == "timestamp" {
timestamp, err = time.Parse(IRCv3TimestampFormat, value) timestamp, err = time.Parse(IRCv3TimestampFormat, value)
if err == nil {
timestamp = timestamp.UTC()
if timestamp.Before(unixEpoch) {
timestamp = unixEpoch
} else if timestamp.After(year2262Problem) {
timestamp = year2262Problem
}
}
return return
} }
return return
@ -3052,6 +3060,7 @@ func markReadHandler(server *Server, client *Client, msg ircmsg.Message, rb *Res
rb.Add(nil, server.name, "FAIL", "MARKREAD", "INVALID_PARAMS", utils.SafeErrorParam(readTimestamp), client.t("Invalid timestamp")) rb.Add(nil, server.name, "FAIL", "MARKREAD", "INVALID_PARAMS", utils.SafeErrorParam(readTimestamp), client.t("Invalid timestamp"))
return return
} }
readTime = readTime.UTC()
result := client.SetReadMarker(cftarget, readTime) result := client.SetReadMarker(cftarget, readTime)
readTimestamp = fmt.Sprintf("timestamp=%s", result.Format(IRCv3TimestampFormat)) readTimestamp = fmt.Sprintf("timestamp=%s", result.Format(IRCv3TimestampFormat))
// inform the originating session whether it was a success or a no-op: // inform the originating session whether it was a success or a no-op:

3
irc/server.go
View File

@ -65,6 +65,9 @@ var (
throttleMessage = "You have attempted to connect too many times within a short duration. Wait a while, and you will be able to connect." throttleMessage = "You have attempted to connect too many times within a short duration. Wait a while, and you will be able to connect."
httpVerbs = utils.SetLiteral("CONNECT", "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT", "TRACE") httpVerbs = utils.SetLiteral("CONNECT", "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT", "TRACE")
unixEpoch = time.Unix(0, 0).UTC()
year2262Problem = time.Unix(0, 1<<63-1).UTC() // this is the maximum time for which (*time.Time).UnixNano() is well-defined
) )
// Server is the main Oragono server. // Server is the main Oragono server.