Fix Integer-overflow in base::Time::FromExploded.

base/time/time_win.cc

Index: base/time/time_win.cc
diff --git a/base/time/time_win.cc b/base/time/time_win.cc
index ba6fc1da3bf707aef82567868e425111e16ea083..43d0e5b2eae4eaf503b3e67c43b302d7190f9268 100644
--- a/base/time/time_win.cc
+++ b/base/time/time_win.cc
@@ -109,6 +109,9 @@ uint64_t QPCNowRaw() {
   return perf_counter_now.QuadPart;
 }
 
+// Maximum size of the
+const int kMaxWinWordSize = 65535;

[mmenke, 2016/10/18 15:04:50]

This should just be std::numeric_limits<WORD>::max()

+
 }  // namespace
 
 // Time -----------------------------------------------------------------------
@@ -236,6 +239,14 @@ bool Time::IsHighResolutionTimerInUse() {
 
 // static
 bool Time::FromExploded(bool is_local, const Exploded& exploded, Time* time) {
+  // Windows WORD has size of 2 bytes. Thus, maximum value that can be
+  // stored is 65535. If it is not possible to cast to WORD without an overflow,
+  // just return an error.
+  if (exploded.year > kMaxWinWordSize) {

[miu, 2016/10/18 19:55:13]

Suggestion:

  if (exploded.year > std::numeric_limits<WORD>::max()) {

...then you don't need the global constant.

Or, given mmenke's comment for the code on lines 252-260, maybe the code here
just goes away?

[maksims (do not use this acc), 2016/10/19 16:41:04]

Yes. Removed

+    *time = Time(0);
+    return false;
+  }
+
   // Create the system struct representing our exploded time. It will either be
   // in local time or UTC.
   SYSTEMTIME st;