summaryrefslogtreecommitdiff
path: root/time
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2005-10-14 14:10:20 +0000
committerUlrich Drepper <drepper@redhat.com>2005-10-14 14:10:20 +0000
commit576c8451485408d776914e756e5cc554e9d93eda (patch)
tree36c76940f6aaea04798eac3d55d4684bca69662e /time
parent93c6cb8b8d5c48944c82243b82713e97fd13dc17 (diff)
downloadglibc-576c8451485408d776914e756e5cc554e9d93eda.tar.gz
[BZ #1459]
* time/asctime.c (__asctime_r): Check for tm_year computation to overflow and fail in this case. * time/Makefile (tests): Add bug-asctime. * time/bug-asctime.c: New file.
Diffstat (limited to 'time')
-rw-r--r--time/Makefile2
-rw-r--r--time/asctime.c17
-rw-r--r--time/bug-asctime.c32
3 files changed, 49 insertions, 2 deletions
diff --git a/time/Makefile b/time/Makefile
index 14313563eb..cb4837c183 100644
--- a/time/Makefile
+++ b/time/Makefile
@@ -35,7 +35,7 @@ distribute := datemsk
tests := test_time clocktest tst-posixtz tst-strptime tst_wcsftime \
tst-getdate tst-mktime tst-mktime2 tst-ftime_l tst-strftime \
- tst-mktime3 tst-strptime2
+ tst-mktime3 tst-strptime2 bug-asctime
include ../Rules
diff --git a/time/asctime.c b/time/asctime.c
index f20b311bb5..8ac4aa76a4 100644
--- a/time/asctime.c
+++ b/time/asctime.c
@@ -1,4 +1,5 @@
-/* Copyright (C) 1991,1993,1995-1997,2000,2002 Free Software Foundation, Inc.
+/* Copyright (C) 1991,1993,1995-1997,2000,2002,2005
+ Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -18,6 +19,7 @@
#include "../locale/localeinfo.h"
#include <errno.h>
+#include <limits.h>
#include <stdio.h>
#include <time.h>
@@ -47,6 +49,19 @@ __asctime_r (const struct tm *tp, char *buf)
return NULL;
}
+ /* We limit the size of the year which can be printed. Using the %d
+ format specifier used the addition of 1900 would overflow the
+ number and a negative vaue is printed. For some architectures we
+ could in theory use %ld or an evern larger integer format but
+ this would mean the output needs more space. This would not be a
+ problem if the 'asctime_r' interface would be defined sanely and
+ a buffer size would be passed. */
+ if (__builtin_expect (tp->tm_year > INT_MAX - 1900, 0))
+ {
+ __set_errno (EOVERFLOW);
+ return NULL;
+ }
+
if (sprintf (buf, format,
(tp->tm_wday < 0 || tp->tm_wday >= 7 ?
"???" : ab_day_name (tp->tm_wday)),
diff --git a/time/bug-asctime.c b/time/bug-asctime.c
new file mode 100644
index 0000000000..7204e1b2fe
--- /dev/null
+++ b/time/bug-asctime.c
@@ -0,0 +1,32 @@
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include <time.h>
+
+
+static int
+do_test (void)
+{
+ int result = 0;
+ time_t t = time (NULL);
+ struct tm *tp = localtime (&t);
+ tp->tm_year = INT_MAX;
+ errno = 0;
+ char *s = asctime (tp);
+ if (s != NULL || errno != EOVERFLOW)
+ {
+ puts ("asctime did not fail correctly");
+ result = 1;
+ }
+ char buf[1000];
+ s = asctime_r (tp, buf);
+ if (s != NULL || errno != EOVERFLOW)
+ {
+ puts ("asctime_r did not fail correctly");
+ result = 1;
+ }
+ return result;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"