Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 15 Jun 2017 13:06:42 -0400
From: Rich Felker <>
Subject: Re: [PATCH] Handle localtime errors in ctime

On Thu, Jun 15, 2017 at 08:03:30PM +0300, Alexander Monakov wrote:
> On Thu, 15 Jun 2017, Rich Felker wrote:
> > On Thu, Jun 15, 2017 at 07:43:36PM +0300, Omer Anson wrote:
> > > ctime passes the result from localtime directly to asctime. But in case
> > > of error, localtime returns 0. This causes an error (NULL pointer
> > > dereference) in asctime.
> > > 
> > > According to the man pages [1], ctime should also return 0 upon error.
> > > Therefore, if localtime fails (return 0), ctime also returns 0.
> > > 
> > > [1]
> > Content looks good. Making minor edits for style and I'll commit.
> Um, the previous time an opposite direction was taken:

I found this in POSIX while reviewing the new patch:

[CX] [Option Start] Upon successful completion, ctime_r() shall return
a pointer to the string pointed to by buf. When an error is
encountered, a null pointer shall be returned. [Option End]

So while ISO C may not have anything to say about it (i.e. it's UB in
plain C), POSIX does seem to require handling the error. I forgot we'd
looked at this before but it seems we missed what POSIX had to say.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.