[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BUG in date program causes memory overflow if resulting datestrin g is e

From: Martin Oberhuber
Subject: BUG in date program causes memory overflow if resulting datestrin g is empty
Date: Tue, 28 Nov 2000 18:27:41 +0100


When you execute
   date +"%Z"
in an environment where the time zone is not defined (e.g. cygwin),
the date program consumes all available memory until it terminates. 

Looking at the code in src/shellutils/src/date.c:341 , we see
the problem -- strftime(), which is used to format the date
string, returns 0 both when the date string is empty and when
it ran out of memory. In my opinion, this is quite sick behaviour
-- but well, we can't get around strftime() if we want to be
POSIXly correct.

So I think the only bulletproof solution is to make sure that
the date string CANNOT be empty after calling strftime().
The patch attached does just that:

  int in_length = strlen(formatstr);
  char *safe_format = (char *)malloc(in_length+2);
  *safe_format = 'X';   /* force non-empty result ! */
  strcpy(safe_format+1, formatstr);
  out_length = in_length;
  do {
    out_length += 200;
    out = (char *) xrealloc (out, out_length);
  while (strftime (out, out_length, safe_format, tm) == 0);
  printf ("%s\n", out+1);

I compiled and tested with gcc 2.95.2 -- date.exe becomes 1536 bytes
larger (most probably due to using strcpy() and strlen() ) but it's
safe now...

[/] diff -c src/shellutils/src/date.c.orig src/shellutils/src/date.c > 


DI Martin Oberhuber                mailto:address@hidden
Field Support Engineer             Phone  (UTC +1h): +43 (662) 457915-85
TakeFive Software GmbH, a Wind River Company    Fax: +43 (662) 457915-6
Jakob-Haringer-Str.8, A-5020 Salzburg, Austria  http://www.windriver.com
---------------- The Leader in Source Code Engineering -----------------

Attachment: date_patch.txt
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]