Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chrono::DateTime::to_object() can panic #4029

Open
124C41p opened this issue Mar 31, 2024 · 2 comments
Open

chrono::DateTime::to_object() can panic #4029

124C41p opened this issue Mar 31, 2024 · 2 comments

Comments

@124C41p
Copy link

124C41p commented Mar 31, 2024
edited

The range of possible values of chrono::DateTime is much larger than that of Python's datetime (which is limited by 1 <= year <= 9999), so there cannot be a one to one mapping. As a consequence, the function chrono::DateTime::to_object() panics for dates far in the future or far in the past. (tested with version 0.21.0)

In most situations this is probably not an issue. In my personal use case however, I am deserializing data received over the network in an extension module, and hand the results over to a Python process. In this case, a malicious actor could crash my module by simply sending some date with year >= 10k.

Do you mind adding something like chrono::DateTime::try_to_object() which fails savely?
@adamreichold
Copy link
Member

We have a general need for fallible conversion traits but we are lacking the people to tackle this concurrently with the Bound API overhaul, c.f. #1813 and #2782.

@davidhewitt
Copy link
Member

Opened #4041 to discuss fallible traits among other things.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@davidhewitt @adamreichold @124C41p