parsedate() with an invalid time value seesm to create stack corruption.

[bga]

I have this email on my account that when parsed by MDR crashes it. More specifically, it crashes in parsedate(). I was able to determine that preparseDate() errors out (more specifically here:

		// if we're reached our maximum number of elements, bail out
		if (index >= MAX_ELEMENTS)
			return B_ERROR;

Then parsedate_etc() catched the error and return it to parsedate():

	if (preparseDate(dateString, elements) < B_OK) {
		*_flags = PARSEDATE_INVALID_DATE;
		return B_ERROR;
	}

This was supposed to return to parsedate() which would in turn return the error but it never actually returns. To be sure I changed parsedate() to:

time_t
parsedate(const char *dateString, time_t now)
{
	int flags = 0;
	
	printf("calling parsedate_etc()\n");
	time_t result = parsedate_etc(dateString, now, &flags);
	printf("returned from parsedate_etc()\n");
	
	return result;
}

The second printf is never printed.

I get a segfault and the following useless stack crawl on gdb:

[Switching to team /system/servers/mail_daemon (5651) thread BGA(BUG-Br) (5659)]
0x00000000 in ?? ()
(gdb) bt
#0  0x00000000 in ?? ()
(gdb) 

The emails that causes this is attached. Note the problem is its "Date" header line.

[bga]

Crashing email (check Date header)

[korli]

You might want to add your testcase in src/tests/system/libroot/os/ParseDateTest.cpp.

[bga]

Added the test case with hrev27003. Again, gdb is useless to debug this due to the stack corruption.

[axeld]

Thanks for the nice test case! Fixed in hrev27006.