From 6f80708af987852efd9ea73abf71b3e959b524d9 Mon Sep 17 00:00:00 2001
From: Dmitry Volyntsev <xeioex@nginx.com>
Date: Wed, 2 Jun 2021 13:25:32 +0000
Subject: [PATCH] Fixed integer-overflow in MakeDay().

Found by OSS-Fuzz.
---
 src/njs_date.c           | 7 ++++++-
 src/test/njs_unit_test.c | 3 +++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/njs_date.c b/src/njs_date.c
index 910579f0..1239bf6f 100644
--- a/src/njs_date.c
+++ b/src/njs_date.c
@@ -124,10 +124,15 @@ njs_make_day(int64_t yr, int64_t month, int64_t date)
     double   days;
     int64_t  i, ym, mn, md;
 
+    static const int min_year = -271821;
+    static const int max_year = 275760;
     static const int month_days[] = { 31, 28, 31, 30, 31, 30,
                                       31, 31, 30, 31, 30, 31 };
 
-    if (yr < -271822 || yr > 275761) {
+    if (yr < min_year || yr > max_year
+        || month < (min_year * 12) || month > (max_year * 12)
+        || date < (min_year * 12 * 366) || date > (max_year * 12 * 366))
+    {
         return NAN;
     }
 
diff --git a/src/test/njs_unit_test.c b/src/test/njs_unit_test.c
index e1d9cd6e..3e49360e 100644
--- a/src/test/njs_unit_test.c
+++ b/src/test/njs_unit_test.c
@@ -15211,6 +15211,9 @@ static njs_unit_test_t  njs_test[] =
     { njs_str("new Date(NaN)"),
       njs_str("Invalid Date") },
 
+    { njs_str("new Date(0, 9e99)"),
+      njs_str("Invalid Date") },
+
 #ifndef NJS_SUNC
     { njs_str("new Date(-0).getTime()"),
       njs_str("0") },
-- 
2.47.3