[nginx] Introduced time truncation to December 31, 9999 (ticket #1368).

[Maxim Dounin]

details:   http://hg.nginx.org/nginx/rev/cdbcb73239ee
branches:  
changeset: 7104:cdbcb73239ee
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Wed Sep 13 15:53:19 2017 +0300
description:
Introduced time truncation to December 31, 9999 (ticket #1368).

Various buffers are allocated in an assumption that there would be
no more than 4 year digits.  This might not be true on platforms
with 64-bit time_t, as 64-bit time_t is able to represent more than that.
Such dates with more than 4 year digits hardly make sense though, as
various date formats in use do not allow them anyway.

As such, all dates are now truncated by ngx_gmtime() to December 31, 9999.
This should have no effect on valid dates, though will prevent potential
buffer overflows on invalid ones.

diffstat:

 src/core/ngx_times.c |  10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diffs (20 lines):

diff --git a/src/core/ngx_times.c b/src/core/ngx_times.c
--- a/src/core/ngx_times.c
+++ b/src/core/ngx_times.c
@@ -311,6 +311,16 @@ ngx_gmtime(time_t t, ngx_tm_t *tp)
     days = t / 86400;
     sec = t % 86400;
 
+    /*
+     * no more than 4 year digits supported,
+     * truncate to December 31, 9999, 23:59:59
+     */
+
+    if (days > 2932896) {
+        days = 2932896;
+        sec = 86399;
+    }
+
     /* January 1, 1970 was Thursday */
 
     wday = (4 + days) % 7;