public inbox for libc-alpha@sourceware.org
From: Joe Simmons-Talbott <josimmon@redhat.com>
To: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH] time: strftime_l: Use malloc rather than an unbounded alloca.
Date: Tue, 16 May 2023 15:53:55 -0400
Message-ID: <20230516195355.GF176347@oak>
In-Reply-To: <cd305746-2662-dca0-f364-80acd3e19dab@linaro.org>

On Tue, May 16, 2023 at 04:28:58PM -0300, Adhemerval Zanella Netto wrote:
> 
> 
> On 10/05/23 16:59, Joe Simmons-Talbott via Libc-alpha wrote:
> > Avoid possible stack overflow by replacing alloca() with malloc().
> > ---
> >  time/strftime_l.c | 8 ++++++--
> >  1 file changed, 6 insertions(+), 2 deletions(-)
> > 
> > diff --git a/time/strftime_l.c b/time/strftime_l.c
> > index 402c6c4111..59d3e1a3b2 100644
> > --- a/time/strftime_l.c
> > +++ b/time/strftime_l.c
> > @@ -273,8 +273,9 @@ static const CHAR_T zeroes[16] = /* "0000000000000000" */
> >      const char *__s = os;						      \
> >      memset (&__st, '\0', sizeof (__st));				      \
> >      l = __mbsrtowcs_l (NULL, &__s, 0, &__st, loc);			      \
> > -    ws = alloca ((l + 1) * sizeof (wchar_t));				      \
> > -    (void) __mbsrtowcs_l (ws, &__s, l, &__st, loc);			      \
> > +    ws = malloc ((l + 1) * sizeof (wchar_t));				      \
> > +    if (ws != NULL)							      \
> > +      (void) __mbsrtowcs_l (ws, &__s, l, &__st, loc);			      \
> >    }
> >  #endif
> >  
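
Review bot: in the widen macro, l is taken straight from __mbsrtowcs_l (NULL, ...) and fed into malloc ((l + 1) * sizeof (wchar_t)) with no check. mbsrtowcs returns (size_t) -1 on an invalid multibyte sequence, so l + 1 wraps to 0, malloc may hand back a non-NULL zero-size block, and the second __mbsrtowcs_l call then converts into it with a limit of l; a very large l can also overflow the multiplication. Suggest setting ws to NULL when l == (size_t) -1 or when l + 1 exceeds SIZE_MAX / sizeof (wchar_t), before allocating. The macro also changes contract here: ws is now heap memory that may be NULL and that every user of widen has to free, which deserves a comment on the macro.
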
> > @@ -1346,7 +1347,10 @@ __strftime_internal (CHAR_T *s, size_t maxsize, const CHAR_T *format,
> >  	    wchar_t *wczone;
> >  	    size_t len;
> >  	    widen (zone, wczone, len);
> > +	    if (wczone == NULL)
> > +	      return 0;
> >  	    cpy (len, wczone);
> > +	    free (wczone);
> >  	  }
> >  #else
> >  	  cpy (strlen (zone), zone);
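
Review bot: the new return 0 for wczone == NULL gives the caller the same value strftime returns when the result does not fit in maxsize, so an allocation failure cannot be told apart from a short buffer unless errno is relied on; please say so in a comment and make sure nothing between the malloc and the return clobbers ENOMEM. Separately, free (wczone) is only reached if cpy (len, wczone) falls through: cpy is a macro whose body is not in this hunk, and if it returns early when the output would overflow the buffer, wczone leaks on that path. Suggest arranging the free so it runs on every exit from this block.
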
> 
> Do we have a practical maximum size for the abbreviated timezone name?  The
> internal tz_rule 'name' field is just a pointer, but I think all timezones
> use a maximum name size.
> 

I was able to pass a random string in via the TZ environment variable.
I'm not sure if that matters since the size of the buffer (s) and
maxsize would still limit the amount of bytes from the TZ variable.


Thread overview: 7+ messages
2023-05-10 19:59 Joe Simmons-Talbott
2023-05-16 19:28 ` Adhemerval Zanella Netto
2023-05-16 19:53   ` Joe Simmons-Talbott [this message]
2023-05-16 22:00   ` Paul Eggert
2023-05-17 11:04     ` Adhemerval Zanella Netto
2023-05-17 17:40       ` Paul Eggert
2023-05-22 18:35         ` Joe Simmons-Talbott