From 5e8a3c19fcad2936dc5e070cf0767a5c5af907c5 Mon Sep 17 00:00:00 2001
From: Philip Withnall
Date: Tue, 18 Feb 2025 16:55:18 +0000
Subject: [PATCH 3/6] gdatetime: Track timezone length as an unsigned size_t
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It’s guaranteed to be in (0, length] by the calculations above. This avoids the possibility of integer overflow through `gssize` not being as big as `size_t`.
Signed-off-by: Philip Withnall
CVE: CVE-2025-3360
Upstream-Status: Backport [https://github.com/GNOME/glib/commit/5e8a3c19fcad2936dc5e070cf0767a5c5af907c5]
Signed-off-by: Peter Marko
---
 glib/gdatetime.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/glib/gdatetime.c b/glib/gdatetime.c
index 792c2ed15..6335bcbe2 100644
--- a/glib/gdatetime.c
+++ b/glib/gdatetime.c
@@ -1347,7 +1347,8 @@ parse_iso8601_date (const gchar *text, gsize length,
 static GTimeZone *
 parse_iso8601_timezone (const gchar *text, gsize length, size_t *tz_offset)
 {
- gint i, tz_length, offset_hours, offset_minutes;
+ size_t tz_length;
+ gint i, offset_hours, offset_minutes;
 gint offset_sign = 1;
 GTimeZone *tz;
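Review bot: `i` stays a `gint` in the new declaration `gint i, offset_hours, offset_minutes;` while `length` is a `gsize` and `tz_length` is now a `size_t`, so any arithmetic in the body that mixes `i` with `length` or `tz_length` would still pass through a signed int. The body of parse_iso8601_timezone lies outside this hunk, so this should be confirmed there or in the remaining patches of this 6-part series. If a negative `i` ever reached an expression assigned to `tz_length`, it would now convert to a very large unsigned value instead of a negative one, so a bounds check against `length` before `tz_length` is used as an offset matters more than before. The invariant stated in the commit message is worth keeping next to the declaration, e.g. `size_t tz_length;  /* in (0, length] once computed */`.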