From mboxrd@z Thu Jan 1 00:00:00 1970
From: Martin Oberhuber
To: "'cygwin@sourceware.cygnus.com'"
Subject: 1.1.4: BUG in date.exe causes memory overflow if resulting datestring is empty
Date: Thu, 21 Sep 2000 14:52:00 -0000
Message-id: <549191FE7B71D311BC5900104B292132167EF1@kirk.takefive.co.at>
X-SW-Source: 2000-09/msg00776.html

When you execute

    date +"%Z"

the date.exe program consumes all available memory until it terminates.
The reason is that "%Z" results in an empty string if the time zone is
not set appropriately.

Looking at the code in src/shellutils/src/date.c:341, we see the
problem -- strftime(), which is used to format the date string, returns 0
both when the date string is empty and when it ran out of memory. In my
opinion, this is quite sick behaviour -- but well, we can't get around
strftime() if we want to be POSIXly correct.

So I think the only bulletproof solution is to make sure that the date
string CANNOT be empty after calling strftime(). The patch attached does
just that:

    int in_length = strlen(formatstr);
    char *safe_format = (char *)malloc(in_length+2);
    *safe_format = 'X'; /* force non-empty result ! */
    strcpy(safe_format+1, formatstr);
    out_length = in_length;
    do
      {
        out_length += 200;
        out = (char *) xrealloc (out, out_length);
      }
    while (strftime (out, out_length, safe_format, tm) == 0);
    printf ("%s\n", out+1);
    free(out);
    free(safe_format);

I compiled and tested with gcc 2.95.2 -- date.exe becomes 1536 bytes
larger (most probably due to using strcpy() and strlen() ) but it's safe
now...

    [/] diff -c src/shellutils/src/date.c.orig src/shellutils/src/date.c > date_patch.txt

Cheers,
Martin
--
---------------------------------/()\-----------------------------------
DI Martin Oberhuber               mailto:martin.oberhuber@windriver.com
Field Support Engineer            Phone (UTC +1h): +43 (662) 457915-85
TakeFive Software GmbH, a Wind River Company    Fax: +43 (662) 457915-6
Jakob-Haringer-Str.8, A-5020 Salzburg, Austria  http://www.windriver.com
---------------- The Leader in Source Code Engineering -----------------
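
The sentinel technique from the message above, as a self-contained added example (not part of the original post and not the sh-utils source). The names format_time and sample_tm and the MAX_OUT bound are assumptions made for illustration; the bound and the checked allocations go beyond what the post shows.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#define MAX_OUT (64 * 1024) /* assumed cap on the result; not from the post */

/* Hypothetical helper: format tm with fmt. Returns a malloc'd string the
 * caller frees, or NULL on allocation failure or a result over MAX_OUT. */
char *format_time(const char *fmt, const struct tm *tm)
{
    size_t flen = strlen(fmt);
    size_t cap = flen + 2;
    char *safe = malloc(flen + 2);   /* sentinel + format + NUL */
    char *out = NULL, *tmp;
    if (safe == NULL)
        return NULL;
    safe[0] = 'X';                   /* output can no longer be empty */
    memcpy(safe + 1, fmt, flen + 1);
    for (;;) {
        cap += 200;
        if (cap > MAX_OUT || (tmp = realloc(out, cap)) == NULL) {
            free(out);
            free(safe);
            return NULL;             /* bounded: never grows forever */
        }
        out = tmp;
        if (strftime(out, cap, safe, tm) != 0)
            break;                   /* 0 now only means "too small" */
    }
    free(safe);
    memmove(out, out + 1, strlen(out + 1) + 1); /* drop the sentinel */
    return out;
}

/* Constructed sample input: 21 Sep 2000, the date of the post. */
struct tm sample_tm(void)
{
    struct tm t = {0};
    t.tm_year = 100; t.tm_mon = 8; t.tm_mday = 21;
    return t;
}

int main(void)
{
    struct tm t = sample_tm();
    char *s = format_time("", &t);   /* empty result, like %Z with no zone */
    printf("[%s]\n", s ? s : "(error)");
    free(s);
    return 0;
}
```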