From 576c8451485408d776914e756e5cc554e9d93eda Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Fri, 14 Oct 2005 14:10:20 +0000 Subject: [PATCH] [BZ #1459] * time/asctime.c (__asctime_r): Check for tm_year computation to overflow and fail in this case. * time/Makefile (tests): Add bug-asctime. * time/bug-asctime.c: New file. --- ChangeLog | 6 ++++++ time/Makefile | 2 +- time/asctime.c | 17 ++++++++++++++++- time/bug-asctime.c | 32 ++++++++++++++++++++++++++++++++ 4 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 time/bug-asctime.c diff --git a/ChangeLog b/ChangeLog index 9c9ac3040a..430decf37a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ 2005-10-14 Ulrich Drepper + [BZ #1459] + * time/asctime.c (__asctime_r): Check for tm_year computation to + overflow and fail in this case. + * time/Makefile (tests): Add bug-asctime. + * time/bug-asctime.c: New file. + [BZ #1458] * sysdeps/unix/sysv/linux/i386/bits/mman.h: Define MREMAP_FIXED. * sysdeps/unix/sysv/linux/ia64/bits/mman.h: Likewise. diff --git a/time/Makefile b/time/Makefile index 14313563eb..cb4837c183 100644 --- a/time/Makefile +++ b/time/Makefile @@ -35,7 +35,7 @@ distribute := datemsk tests := test_time clocktest tst-posixtz tst-strptime tst_wcsftime \ tst-getdate tst-mktime tst-mktime2 tst-ftime_l tst-strftime \ - tst-mktime3 tst-strptime2 + tst-mktime3 tst-strptime2 bug-asctime include ../Rules diff --git a/time/asctime.c b/time/asctime.c index f20b311bb5..8ac4aa76a4 100644 --- a/time/asctime.c +++ b/time/asctime.c @@ -1,4 +1,5 @@ -/* Copyright (C) 1991,1993,1995-1997,2000,2002 Free Software Foundation, Inc. +/* Copyright (C) 1991,1993,1995-1997,2000,2002,2005 + Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -18,6 +19,7 @@ #include "../locale/localeinfo.h" #include +#include #include #include @@ -47,6 +49,19 @@ __asctime_r (const struct tm *tp, char *buf) return NULL; } + /* We limit the size of the year which can be printed. Using the %d + format specifier used the addition of 1900 would overflow the + number and a negative vaue is printed. For some architectures we + could in theory use %ld or an evern larger integer format but + this would mean the output needs more space. This would not be a + problem if the 'asctime_r' interface would be defined sanely and + a buffer size would be passed. */ + if (__builtin_expect (tp->tm_year > INT_MAX - 1900, 0)) + { + __set_errno (EOVERFLOW); + return NULL; + } + if (sprintf (buf, format, (tp->tm_wday < 0 || tp->tm_wday >= 7 ? "???" : ab_day_name (tp->tm_wday)), diff --git a/time/bug-asctime.c b/time/bug-asctime.c new file mode 100644 index 0000000000..7204e1b2fe --- /dev/null +++ b/time/bug-asctime.c @@ -0,0 +1,32 @@ +#include +#include +#include +#include + + +static int +do_test (void) +{ + int result = 0; + time_t t = time (NULL); + struct tm *tp = localtime (&t); + tp->tm_year = INT_MAX; + errno = 0; + char *s = asctime (tp); + if (s != NULL || errno != EOVERFLOW) + { + puts ("asctime did not fail correctly"); + result = 1; + } + char buf[1000]; + s = asctime_r (tp, buf); + if (s != NULL || errno != EOVERFLOW) + { + puts ("asctime_r did not fail correctly"); + result = 1; + } + return result; +} + +#define TEST_FUNCTION do_test () +#include "../test-skeleton.c"