[Tarantool-patches] [PATCH luajit] Prevent sanitizer warning in os.time().

Thu Jun 11 14:55:18 MSK 2026

Hi, Sergey!

It’s an addition for my previous letter. I am sorry, but the some part of the quote was missed in it.

My single comment is about these lines:

> - ts.tm_mon = getfield(L, "month", -1) - 1;
> - ts.tm_year = getfield(L, "year", -1) - 1900;
> + ts.tm_mon = (int)((unsigned int)getfield(L, "month", -1) - 1u);
> + ts.tm_year = (int)((unsigned int)getfield(L, "year", -1) - 1900u);

<please, see the comment text in the first letter>

--
Best regards,
Evgeniy Temirgaleev

> 
> From: Sergey Bronnikov <estetus at gmail.com>
> To: tarantool-patches at dev.tarantool.org, Sergey Kaplun <skaplun at tarantool.org
> >, e.temirgaleev at tarantool.org
> Date: Friday, June 5, 2026 6:19 PM +03:00
> From: Mike Pall <mike>
> 
> Reported by Sergey Bronnikov.
> 
> (cherry picked from commit 86d414f5cae062b06998ec66b0696a47d4f6a0f0)
> 
> The function `lj_cf_os_time()` calculates `tm_mon` and `tm_year`
> values using `get_field()` and when the helper function returns
> a negative value the resulted values may be negative as well. This
> is an undefined behaviour (signed integer overflow). The patch fixes
> that by adding a cast for the resulted value to returned by
> `get_field()`.
> 
> Sergey Bronnikov:
> * added the description and the test for the problem
> 
> Part of tarantool/tarantool#12480
> ---
> 
> Branch: https://github.com/tarantool/luajit/tree/ligurio/lj-1454-ub-os-time
> 
> 
> Related issues:
> 
> * https://github.com/tarantool/tarantool/issues/12480
> * https://github.com/LuaJIT/LuaJIT/issues/1454
> 
> src/lib_os.c | 4 ++--
> test/tarantool-tests/lj-1454-os-time.test.lua | 19 +++++++++++++++++++
> 2 files changed, 21 insertions(+), 2 deletions(-)
> create mode 100644 test/tarantool-tests/lj-1454-os-time.test.lua
> 
> diff --git a/src/lib_os.c b/src/lib_os.c
> index ffbc3fdc..0feb0d47 100644
> --- a/src/lib_os.c
> +++ b/src/lib_os.c
> @@ -239,8 +239,8 @@ LJLIB_CF(os_time)
> ts.tm_min = getfield(L, "min", 0);
> ts.tm_hour = getfield(L, "hour", 12);
> ts.tm_mday = getfield(L, "day", -1);
> - ts.tm_mon = getfield(L, "month", -1) - 1;
> - ts.tm_year = getfield(L, "year", -1) - 1900;
> + ts.tm_mon = (int)((unsigned int)getfield(L, "month", -1) - 1u);
> + ts.tm_year = (int)((unsigned int)getfield(L, "year", -1) - 1900u);
> ts.tm_isdst = getboolfield(L, "isdst");
> t = mktime(&ts);
> }
> diff --git a/test/tarantool-tests/lj-1454-os-time.test.lua
> b/test/tarantool-tests/lj-1454-os-time.test.lua
> new file mode 100644
> index 00000000..2a48750c
> --- /dev/null
> +++ b/test/tarantool-tests/lj-1454-os-time.test.lua
> @@ -0,0 +1,19 @@
> +local tap = require('tap')
> +
> +-- The test file to demonstrate UBSan warning for `os.time()` with
> +-- a huge indices value for month and/or year.
> +-- See also: https://github.com/LuaJIT/LuaJIT/issues/1454.
> +local test = tap.test('lj-1454-os-time')
> +
> +test:plan(1)
> +
> +local INT_MIN = -2 ^ 31
> +
> +local cur_time = os.time({
> + day = 1,
> + month = INT_MIN,
> + year = INT_MIN,
> +})
> +test:is(cur_time, nil, 'os.time() with INT_MIN')
> +
> +test:done(true)
> --
> 2.43.0
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.tarantool.org/pipermail/tarantool-patches/attachments/20260611/bba0f8dd/attachment.htm>