public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug time/30673] New: Possible SEGV in __tzfile_compute() with corrupt timezone file
@ 2023-07-24  8:54 gjduck at gmail dot com
  0 siblings, 0 replies; only message in thread
From: gjduck at gmail dot com @ 2023-07-24  8:54 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=30673

            Bug ID: 30673
           Summary: Possible SEGV in __tzfile_compute() with corrupt
                    timezone file
           Product: glibc
           Version: 2.37
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: time
          Assignee: unassigned at sourceware dot org
          Reporter: gjduck at gmail dot com
  Target Milestone: ---

Created attachment 15003
  --> https://sourceware.org/bugzilla/attachment.cgi?id=15003&action=edit
testcase

The attached timezone file seems to cause localtime() to SEGV:

    Program received signal SIGSEGV, Segmentation fault.
    ...
    #0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse4_2.S:227
    #1  0x00007ffff7cd2fe0 in __tzfile_compute (timer=timer@entry=1690188703,
use_localtime=use_localtime@entry=1,
        leap_correct=leap_correct@entry=0x7fffffffde60,
leap_hit=leap_hit@entry=0x7fffffffde5c,
        tp=tp@entry=0x7ffff7dfd640 <_tmbuf>) at ./time/tzfile.c:751
    #2  0x00007ffff7cd1ce0 in __tz_convert (timer=1690188703, use_localtime=1,
tp=0x7ffff7dfd640 <_tmbuf>)
        at ./time/tzset.c:580

To reproduce:
    $ TZ=$PWD/LOCALTIME date

Tested with glibc-2.37

Also, older glibc seems to give an assertion violation rather than SEGV:
    $ TZ=$PWD/LOCALTIME date
    localtime: tzfile.c:492: __tzfile_read: Assertion `num_types == 1' failed.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2023-07-24  8:54 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-24  8:54 [Bug time/30673] New: Possible SEGV in __tzfile_compute() with corrupt timezone file gjduck at gmail dot com

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).