Somehow some of my bash histories have acquired very large timestamps (eg,
"#143513214935906531") that cause localtime to fail. BASH's history builtin
currently crashes when it encounters this, because it passes the return
value from localtime directly into strftime, resulting in a NULL pointer
dereference.
I have confirmed the following patch avoid the crash in this case. It could
use further improvement, as the result is a bit ugly (the "invalid
timestamp" message is directly appended by the command itself), but that
was presumably already the case for other invalid timestamps.
commit 0be138c7d5c5ed9e3673e7e179595fab86f6705d
Author: Luke Dashjr <luke-jr+...@utopios.org>
Date: Sat Jan 20 03:58:54 2018 +0000
Bugfix: builtins/history: Check return value from localtime
If the timestamp is too large a number, localtime fails returning NULL.
Passing this to strftime results in a NULL pointer dereference, causing
the shell to segfault.
diff --git a/builtins/history.def b/builtins/history.def
index 48b59aeb..cd10df46 100644
--- a/builtins/history.def
+++ b/builtins/history.def
@@ -256,10 +256,12 @@ histtime (hlist, histtimefmt)
{
static char timestr[128];
time_t t;
+ struct tm *tm;
t = history_get_time (hlist);
- if (t)
- strftime (timestr, sizeof (timestr), histtimefmt, localtime (&t));
+ tm = localtime (&t);
+ if (t && tm)
+ strftime (timestr, sizeof (timestr), histtimefmt, tm);
else if (hlist->timestamp && hlist->timestamp[0])
snprintf (timestr, sizeof (timestr), _("%s: invalid timestamp"),
(hlist->timestamp[0] == '#') ? hlist->timestamp + 1: hlist->timestamp);
