curl-library
Bug#551461: curl_getdate(3) fails to parse some valid RFC 822 dates (fwd)
From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sun, 18 Oct 2009 14:32:42 +0200 (CEST)
Date: Sun, 18 Oct 2009 14:32:42 +0200 (CEST)
FYI
-- / daniel.haxx.se ---------- Forwarded message ---------- Date: Sun, 18 Oct 2009 13:38:00 From: "J.H.M. Dassen (Ray)" <jdassen_at_debian.org> To: Debian Bug Tracking System <submit_at_bugs.debian.org> Subject: Bug#551461: curl_getdate(3) fails to parse some valid RFC 822 dates Resent-Date: Sun, 18 Oct 2009 12:24:06 +0000 Resent-Date: Sun, 18 Oct 2009 12:24:09 +0000 Resent-From: "J.H.M. Dassen (Ray)" <jdassen_at_debian.org> Resent-To: debian-bugs-dist_at_lists.debian.org Resent-cc: Domenico Andreoli <cavok_at_debian.org> Package: libcurl3-gnutls Version: 7.19.5-1.1 Severity: normal Tags: patch upstream According to curl_getdate(3), its "parser was written to handle date formats specified in RFC 822 (including the update in RFC 1123) using time zone name or time zone delta and RFC 850 (obsoleted by RFC 1036) and ANSI C's asctime() format." RFC 822's date format allows for the use of single letter military timezones; see http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html For example, "Sat, 17 Oct 2009 20:00:00 Z" is a valid date string according to RFC822, and such date strings are seen in the wild (see bug #37491), but are not parsed by curl_getdate(3). The patch below (which I have tested against libcurl CVS HEAD) fixes this. Kind regards, Ray diff -ru ../curl-cvs/lib/parsedate.c ./lib/parsedate.c --- ../curl-cvs/lib/parsedate.c 2009-09-03 10:30:28.000000000 +0200 +++ ./lib/parsedate.c 2009-10-18 12:47:45.000000000 +0200 @@ -147,6 +147,36 @@ {"NZST", -720}, /* New Zealand Standard */ {"NZDT", -720 tDAYZONE}, /* New Zealand Daylight */ {"IDLE", -720}, /* International Date Line East */ + /* Next up: Military timezone names. RFC822 allowed these, but (as noted in + RFC 1123) had their signs wrong. Here we use the correct signs to match + actual military usage. + */ + {"A", +1 * 60}, /* Alpha */ + {"B", +2 * 60}, /* Bravo */ + {"C", +3 * 60}, /* Charlie */ + {"D", +4 * 60}, /* Delta */ + {"E", +5 * 60}, /* Echo */ + {"F", +6 * 60}, /* Foxtrot */ + {"G", +7 * 60}, /* Golf */ + {"H", +8 * 60}, /* Hotel */ + {"I", +9 * 60}, /* India */ + /* "J", Juliet is not used as a timezone, to indicate the observer's local time */ + {"K", +10 * 60}, /* Kilo */ + {"L", +11 * 60}, /* Lima */ + {"M", +12 * 60}, /* Mike */ + {"N", -1 * 60}, /* November */ + {"O", -2 * 60}, /* Oscar */ + {"P", -3 * 60}, /* Papa */ + {"Q", -4 * 60}, /* Quebec */ + {"R", -5 * 60}, /* Romeo */ + {"S", -6 * 60}, /* Sierra */ + {"T", -7 * 60}, /* Tango */ + {"U", -8 * 60}, /* Uniform */ + {"V", -9 * 60}, /* Victor */ + {"W", -10 * 60}, /* Whiskey */ + {"X", -11 * 60}, /* X-ray */ + {"Y", -12 * 60}, /* Yankee */ + {"Z", 0}, /* Zulu, zero meridian, a.k.a. UTC */ }; /* returns: -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing-proposed-updates'), (500, 'oldstable'), (500, 'stable'), (400, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31.4 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libcurl3-gnutls depends on: ii ca-certificates 20090814 Common CA certificates ii libc6 2.9-27 GNU C Library: Shared libraries ii libgcrypt11 1.4.4-4 LGPL Crypto library - runtime libr ii libgnutls26 2.8.4-1 the GNU TLS library - runtime libr ii libgssapi-krb5-2 1.7dfsg~beta3-1 MIT Kerberos runtime libraries - k ii libidn11 1.15-2 GNU Libidn library, implementation ii libldap-2.4-2 2.4.17-2 OpenLDAP libraries ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime libcurl3-gnutls recommends no packages. libcurl3-gnutls suggests no packages. -- no debconf information ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2009-10-18