On Fri, 8 Jul 2022 11:12:17 -0700
robert <[email protected]> wrote:
> Unlike snprintf, strftime buffer contents are undefined when it fails,
> so make sure the buffer is null-terminated. To prevent garbage from
> being printed out, we simply set the timestamp to the empty string,
> but maybe setting it to "unknown time" or something similar would be
> better. Either way, I don't think this can fail until year 10000, so
> it's not a big deal.
> ---
> connection.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/connection.c b/connection.c
> index 8aca2ab..24de809 100644
> --- a/connection.c
> +++ b/connection.c
> @@ -31,7 +31,8 @@ connection_log(const struct connection *c)
> if (!strftime(tstmp, sizeof(tstmp), "%Y-%m-%dT%H:%M:%SZ",
> gmtime(&(time_t){time(NULL)}))) {
> warn("strftime: Exceeded buffer capacity");
> - /* continue anyway (we accept the truncation) */
> + tstmp[0] = '\0'; /* tstmp contents are undefined on
> failure */
> + /* continue anyway */
> }
>
> /* generate address-string */
> --
> 2.17.1
Thank you, I have applied your patch!
