From 466ed19374903299a3ad21213d3a91e18559f9db Mon Sep 17 00:00:00 2001
From: Sarah Jamie Lewis <sarah@openprivacy.ca>
Date: Mon, 10 Feb 2020 11:41:04 -0800
Subject: Fix buffer overflow when evaluating pricing date

---
 src/times.cc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/times.cc b/src/times.cc
index ffd62428..acdf7eb0 100644
--- a/src/times.cc
+++ b/src/times.cc
@@ -237,6 +237,10 @@ string_to_month_of_year(const std::string& str)
 
 datetime_t parse_datetime(const char * str)
 {
+  if (std::strlen(str) > 127) {
+    throw_(date_error, _f("Invalid date: %1%") % str);
+  }
+
   char buf[128];
   std::strcpy(buf, str);
 
-- 
cgit v1.2.3