From c45da5f5ca550215588ba9483eef62f2a214addb Mon Sep 17 00:00:00 2001
From: Lars Henriksen <LarsHenriksen@get2net.dk>
Date: Sun, 5 Nov 2017 12:27:31 +0100
Subject: New support functions for input validation.

check_sec(), overflow_add(), overflow_mul()

Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
---
 src/calcurse.h |  3 +++
 src/utils.c    | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/src/calcurse.h b/src/calcurse.h
index 05e27b0..178af1f 100644
--- a/src/calcurse.h
+++ b/src/calcurse.h
@@ -1159,6 +1159,7 @@ char *new_tempfile(const char *);
 int check_date(unsigned, unsigned, unsigned);
 int parse_date(const char *, enum datefmt, int *, int *, int *, struct date *);
 int parse_date_interactive(const char *, int *, int *, int *);
+int check_sec(time_t *);
 int check_time(unsigned, unsigned);
 int parse_time(const char *, unsigned *, unsigned *);
 int parse_duration(const char *, unsigned *);
@@ -1181,6 +1182,8 @@ int starts_with(const char *, const char *);
 int starts_with_ci(const char *, const char *);
 int hash_matches(const char *, const char *);
 int show_dialogs(void);
+int overflow_add(int, int, int *);
+int overflow_mul(int, int, int *);
 
 /* vars.c */
 extern int col, row;
diff --git a/src/utils.c b/src/utils.c
index b90a9bf..8728dfb 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -788,6 +788,16 @@ int check_date(unsigned year, unsigned month, unsigned day)
 		day <= days[month - 1] + (month == 2 && ISLEAP(year)) ? 1 : 0);
 }
 
+/*
+ * Check that a time in seconds is a valid calcurse date (ignoring hour:min:sec).
+ */
+int check_sec(time_t *time)
+{
+	struct tm tm;
+	localtime_r(time, &tm);
+	return check_date(tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
+}
+
 /*
  * Convert a string containing a date into three integers containing the year,
  * month and day.
@@ -1870,3 +1880,29 @@ int show_dialogs(void)
 {
 	return (!quiet) && conf.system_dialogs;
 }
+
+/*
+ * Overflow check for addition with positive second term.
+ */
+int overflow_add(int x, int y, int *z)
+{
+	if (y < 0)
+		return 1;
+	if (INT_MAX - y < x)
+		return 1;
+	*z = x + y;
+	return 0;
+}
+
+/*
+ * Overflow check for multiplication with positive terms.
+ */
+int overflow_mul(int x, int y, int *z)
+{
+	if (x < 0 || y <= 0)
+		return 1;
+	if (INT_MAX / y < x)
+		return 1;
+	*z = x * y;
+	return 0;
+}
-- 
cgit v1.2.3-54-g00ecf