From c21e99a15c030078d9bc6c0ff16c3dd43e4d3e51 Mon Sep 17 00:00:00 2001
From: "Alexander A. Klimov" <alexander.klimov@icinga.com>
Date: Wed, 15 May 2024 12:55:41 +0200
Subject: [PATCH 1/2] IcingaDB#SerializeState(): limit execution_time and
 latency to 2^32-1

not to write higher values into Redis than the Icinga DB schema can hold.
This fixes yet another potential Go daemon crash.
---
 lib/icingadb/icingadb-objects.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/icingadb/icingadb-objects.cpp b/lib/icingadb/icingadb-objects.cpp
index 6322743ecfa..920251969f2 100644
--- a/lib/icingadb/icingadb-objects.cpp
+++ b/lib/icingadb/icingadb-objects.cpp
@@ -2651,8 +2651,8 @@ Dictionary::Ptr IcingaDB::SerializeState(const Checkable::Ptr& checkable)
 
 		if (!cr->GetCommand().IsEmpty())
 			attrs->Set("check_commandline", FormatCommandLine(cr->GetCommand()));
-		attrs->Set("execution_time", TimestampToMilliseconds(fmax(0.0, cr->CalculateExecutionTime())));
-		attrs->Set("latency", TimestampToMilliseconds(cr->CalculateLatency()));
+		attrs->Set("execution_time", std::min((long long)UINT32_MAX, TimestampToMilliseconds(fmax(0.0, cr->CalculateExecutionTime()))));
+		attrs->Set("latency", std::min((long long)UINT32_MAX, TimestampToMilliseconds(cr->CalculateLatency())));
 		attrs->Set("check_source", cr->GetCheckSource());
 		attrs->Set("scheduling_source", cr->GetSchedulingSource());
 	}

From cf895e7e3f4f9b549fdabf0f9a14f65fb4cd8a88 Mon Sep 17 00:00:00 2001
From: "Alexander A. Klimov" <alexander.klimov@icinga.com>
Date: Tue, 14 May 2024 11:42:26 +0200
Subject: [PATCH 2/2] IcingaDB::TimestampToMilliseconds(): limit output to four
 year digits

Too high timestamps may overflow uint64_t (and the YYYY format) and negative
ones don't fit into uint64_t. Those may crash our Go daemon.
---
 lib/icingadb/icingadb-utility.cpp | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/icingadb/icingadb-utility.cpp b/lib/icingadb/icingadb-utility.cpp
index b247ed84a68..35f503ab53d 100644
--- a/lib/icingadb/icingadb-utility.cpp
+++ b/lib/icingadb/icingadb-utility.cpp
@@ -18,6 +18,7 @@
 #include "icinga/eventcommand.hpp"
 #include "icinga/host.hpp"
 #include <boost/algorithm/string.hpp>
+#include <cmath>
 #include <map>
 #include <utility>
 #include <vector>
@@ -245,7 +246,18 @@ String IcingaDB::GetLowerCaseTypeNameDB(const ConfigObject::Ptr& obj)
 }
 
 long long IcingaDB::TimestampToMilliseconds(double timestamp) {
-	return static_cast<long long>(timestamp * 1000);
+	// In addition to the limits of the Icinga DB MySQL (0 - 2^64) and PostgreSQL (0 - 2^63) schemata,
+	// years not fitting in YYYY may cause problems, see e.g. https://github.com/golang/go/issues/4556.
+	// RFC 3339: "All dates and times are assumed to be (...) somewhere between 0000AD and 9999AD."
+	//
+	// The below upper limit includes a safety buffer to make sure the timestamp is within 9999AD in all time zones:
+	// $ date -ud @253402214400
+	// Fri Dec 31 00:00:00 UTC 9999
+	// $ TZ=Asia/Vladivostok date -d @253402214400
+	// Fri Dec 31 10:00:00 +10 9999
+	// $ TZ=America/Juneau date -d @253402214400
+	// Thu Dec 30 15:00:00 AKST 9999
+	return std::fmin(std::fmax(timestamp, 0.0), 253402214400.0) * 1000.0;
 }
 
 String IcingaDB::IcingaToStreamValue(const Value& value)