Add overflow check. Limit each individual section to 32-bit signed

Morten Haraldsen · Morten Haraldsen · commit b5380cf66ad5 · 2025-02-16T16:52:32.000+01:00
diff --git a/src/main/java/com/ethlo/time/ItuDurationParser.java b/src/main/java/com/ethlo/time/ItuDurationParser.java
@@ -94,7 +94,15 @@ private static int readUntilNonDigit(final String chars, final int offset, final
             }
             else
             {
-                value = value * RADIX + (c - ZERO);
+                int digit = c - ZERO;
+
+                // Correct overflow check
+                if (value > 214748364 || (value == 214748364 && digit > 7))
+                {
+                    throw new DateTimeParseException("Numeric overflow while parsing value", chars, idx);
+                }
+
+                value = value * RADIX + digit;
                 idx++;
             }
         }
@@ -198,6 +206,12 @@ public final void accept(final String chars, final int index, final int length,
                 throw new DateTimeParseException("Duration must start with 'P'", chars, 0);
             }
 
+            /*
+             * An int can never overflow a long when used for seconds, minutes, hours, days, and weeks,
+             * even at their maximum values, because the total number of seconds remains within the
+             * 64-bit long's limits.
+             */
+
             switch (unit)
             {
                 case 'T':
@@ -248,7 +262,7 @@ public final void accept(final String chars, final int index, final int length,
                         int remainingDigits = DIGITS_IN_NANO - length;
                         if (remainingDigits > 0)
                         {
-                            nano *= POW10_TABLE[remainingDigits]; // Use lookup instead of loop
+                            nano *= POW10_TABLE[remainingDigits];
                         }
                         readingFractionalPart = false;
                     }
diff --git a/src/test/java/com/ethlo/time/ItuDurationParserTest.java b/src/test/java/com/ethlo/time/ItuDurationParserTest.java
@@ -56,7 +56,6 @@ void testValidFullNotNormalizedToNormalized()
     @Test
     void shouldParseZeroDuration()
     {
-        // Input: P0D (zero duration)
         Duration duration = ItuDurationParser.parse("P0D").toDuration();
         assertThat(duration).isEqualTo(Duration.ZERO);
     }
@@ -77,6 +76,15 @@ void shouldParseDurationWithNoTimeSection()
         assertThat(duration).isEqualTo(Duration.ofDays(30));
     }
 
+    @Test
+    void shouldThrowDateTimeParseExceptionForOverflow()
+    {
+        final String input = "P999999999999D";
+        assertThatThrownBy(() -> ItuDurationParser.parse(input))
+                .isInstanceOf(DateTimeParseException.class)
+                .hasMessageContaining("Numeric overflow while parsing value");
+    }
+
     @Test
     void shouldThrowDateTimeParseExceptionForInvalidUnits()
     {

Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,15 @@ private static int readUntilNonDigit(final String chars, final int offset, final`
`94`	`94`	`}`
`95`	`95`	`else`
`96`	`96`	`{`
`97`		`- value = value * RADIX + (c - ZERO);`
	`97`	`+ int digit = c - ZERO;`
	`98`	`+`
	`99`	`+ // Correct overflow check`
	`100`	`+ if (value > 214748364 \|\| (value == 214748364 && digit > 7))`
	`101`	`+ {`
	`102`	`+ throw new DateTimeParseException("Numeric overflow while parsing value", chars, idx);`
	`103`	`+ }`
	`104`	`+`
	`105`	`+ value = value * RADIX + digit;`
`98`	`106`	`idx++;`
`99`	`107`	`}`
`100`	`108`	`}`
`@@ -198,6 +206,12 @@ public final void accept(final String chars, final int index, final int length,`
`198`	`206`	`throw new DateTimeParseException("Duration must start with 'P'", chars, 0);`
`199`	`207`	`}`
`200`	`208`
	`209`	`+ /*`
	`210`	`+ * An int can never overflow a long when used for seconds, minutes, hours, days, and weeks,`
	`211`	`+ * even at their maximum values, because the total number of seconds remains within the`
	`212`	`+ * 64-bit long's limits.`
	`213`	`+ */`
	`214`	`+`
`201`	`215`	`switch (unit)`
`202`	`216`	`{`
`203`	`217`	`case 'T':`
`@@ -248,7 +262,7 @@ public final void accept(final String chars, final int index, final int length,`
`248`	`262`	`int remainingDigits = DIGITS_IN_NANO - length;`
`249`	`263`	`if (remainingDigits > 0)`
`250`	`264`	`{`
`251`		`- nano *= POW10_TABLE[remainingDigits]; // Use lookup instead of loop`
	`265`	`+ nano *= POW10_TABLE[remainingDigits];`
`252`	`266`	`}`
`253`	`267`	`readingFractionalPart = false;`
`254`	`268`	`}`
Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,6 @@ void testValidFullNotNormalizedToNormalized()`
`56`	`56`	`@Test`
`57`	`57`	`void shouldParseZeroDuration()`
`58`	`58`	`{`
`59`		`- // Input: P0D (zero duration)`
`60`	`59`	`Duration duration = ItuDurationParser.parse("P0D").toDuration();`
`61`	`60`	`assertThat(duration).isEqualTo(Duration.ZERO);`
`62`	`61`	`}`
`@@ -77,6 +76,15 @@ void shouldParseDurationWithNoTimeSection()`
`77`	`76`	`assertThat(duration).isEqualTo(Duration.ofDays(30));`
`78`	`77`	`}`
`79`	`78`
	`79`	`+ @Test`
	`80`	`+ void shouldThrowDateTimeParseExceptionForOverflow()`
	`81`	`+ {`
	`82`	`+ final String input = "P999999999999D";`
	`83`	`+ assertThatThrownBy(() -> ItuDurationParser.parse(input))`
	`84`	`+ .isInstanceOf(DateTimeParseException.class)`
	`85`	`+ .hasMessageContaining("Numeric overflow while parsing value");`
	`86`	`+ }`
	`87`	`+`
`80`	`88`	`@Test`
`81`	`89`	`void shouldThrowDateTimeParseExceptionForInvalidUnits()`
`82`	`90`	`{`