Overflow and Value errors in time module

ebranca edited this page Jun 15, 2014 · 2 revisions

Classification

  • Affected Components : builtin, time

  • Operating System : Linux

  • Python Versions : 2.6.x, 2.7.x, 3.1.x, 3.2.x

  • Reproducible : Yes

Source code

import time

initial_struct_time = [tm for tm in time.localtime()]
# hours
initial_struct_time[3] = 2147483647
# minutes
initial_struct_time[4] = 2147483647
# seconds
initial_struct_time[5] = 2147483647
# year
initial_struct_time[0] = 2147483647
# month
initial_struct_time[1] = 2147483647
# day
initial_struct_time[2] = -2147483647
# weekday
initial_struct_time[6] = 2147483647

overflow_time = time.asctime(initial_struct_time)

print(overflow_time)

Steps to Produce/Reproduce

To reproduce the problem copy the source code in a file and execute the script using the following command syntax:

$ python -OOBRtt test.py

Alternatively you can open python in interactive mode:

$ python -OOBRtt <press enter>

Then copy the lines of code into the interpreter.

Description

Integers in a 32bit system range from -2^31 (-2,147,483,648) to 2^31-1 (2,147,483,647), and the python time module does not check or handle invalid numerical values.

If a number bigger than the 32bit maximum is used, for example the number 2147483648, a numeric overflow occurs.

initial_struct_time[3] = 2147483648

Generates:

Traceback (most recent call last):
  File "___xxxx.py", line 7, in <module>
    x = time.asctime( (2147483648, -1, -1, 1, 1, 1, -11, -1, -1))
OverflowError: long int too large to convert to int

This behaviour in python is consistent across versions but the message changes depending on the version.

Error in Python 2.6.x
OverflowError: long int too large to convert to int
Error in Python 2.7.x
OverflowError: Python int too large to convert to C long

In addition, a ValueError is raised if the year value -1 or 100 is used.

initial_struct_time[0] = 100 
initial_struct_time[0] = -1

Both generate:

Traceback (most recent call last):
  File "test.py", line 16, in <module>
    faulty_time = time.asctime(initial_struct_time)
ValueError: year out of range

Workaround

We are not aware of any easy solution other than avoiding the 'time' module or implementing proper data validation for cases like the one examined.
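
One way to implement the data validation mentioned above, as an added example that is not part of the original page or of Python itself. The names `invalid_fields` and `safe_asctime` are hypothetical, the field ranges follow the time module documentation, and the 1900..9999 year window is an assumed policy:

```python
import numbers
import time

# (field name, lowest, highest) per struct_time index, from the ranges in the
# time module documentation. The year window is a policy assumption.
FIELD_RANGES = (
    ("tm_year", 1900, 9999),
    ("tm_mon", 1, 12),
    ("tm_mday", 1, 31),
    ("tm_hour", 0, 23),
    ("tm_min", 0, 59),
    ("tm_sec", 0, 61),
    ("tm_wday", 0, 6),
    ("tm_yday", 1, 366),
    ("tm_isdst", -1, 1),
)


def invalid_fields(fields):
    """Return the names of fields that are not integers inside their range."""
    values = tuple(fields)
    if len(values) != len(FIELD_RANGES):
        raise ValueError("expected %d fields, got %d" % (len(FIELD_RANGES), len(values)))
    bad = []
    for (name, low, high), value in zip(FIELD_RANGES, values):
        is_int = isinstance(value, numbers.Integral) and not isinstance(value, bool)
        if not is_int or not low <= value <= high:
            bad.append(name)
    return bad


def safe_asctime(fields):
    """Validate first, so time.asctime() never sees an out-of-range value."""
    values = tuple(fields)
    bad = invalid_fields(values)
    if bad:
        raise ValueError("rejected time fields: " + ", ".join(bad))
    return time.asctime(values)


# Constructed sample inputs: a valid tuple, and the values set in the script above.
VALID = (2014, 6, 15, 12, 30, 0, 6, 166, -1)
PAGE_VALUES = (2147483647, 2147483647, -2147483647,
               2147483647, 2147483647, 2147483647, 2147483647, 166, -1)

if __name__ == "__main__":
    print(safe_asctime(VALID))
    print(invalid_fields(PAGE_VALUES))
```

Because the range check runs before the C conversion, a value such as 2147483648 is rejected with a ValueError naming the field instead of surfacing as an OverflowError from inside `time.asctime()`.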

Secure Implementation

WORK IN PROGRESS

References

  • [Python Time](https://docs.python.org/2/library/time.html)

  • [Python datetime](https://docs.python.org/2/library/datetime.html)

  • [Python bug 6608](http://bugs.python.org/issue6608)

  • [Python bug 8013](http://bugs.python.org/issue8013)

  • [Python bug 10814](http://bugs.python.org/issue10814)

  • [Python bug 16137](http://bugs.python.org/issue16137)
