|
Date: Thu, 15 Jun 2017 13:06:42 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com Subject: Re: [PATCH] Handle localtime errors in ctime On Thu, Jun 15, 2017 at 08:03:30PM +0300, Alexander Monakov wrote: > On Thu, 15 Jun 2017, Rich Felker wrote: > > On Thu, Jun 15, 2017 at 07:43:36PM +0300, Omer Anson wrote: > > > ctime passes the result from localtime directly to asctime. But in case > > > of error, localtime returns 0. This causes an error (NULL pointer > > > dereference) in asctime. > > > > > > According to the man pages [1], ctime should also return 0 upon error. > > > Therefore, if localtime fails (return 0), ctime also returns 0. > > > > > > [1] https://linux.die.net/man/3/ctime > > > Content looks good. Making minor edits for style and I'll commit. > > Um, the previous time an opposite direction was taken: > http://www.openwall.com/lists/musl/2014/09/05/17 I found this in POSIX while reviewing the new patch: [CX] [Option Start] Upon successful completion, ctime_r() shall return a pointer to the string pointed to by buf. When an error is encountered, a null pointer shall be returned. [Option End] So while ISO C may not have anything to say about it (i.e. it's UB in plain C), POSIX does seem to require handling the error. I forgot we'd looked at this before but it seems we missed what POSIX had to say. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.