Processing commands for [EMAIL PROTECTED]:
> tag 162917 + wontfix
Bug#162917: libc6: strftime crashes with invalid input
There were no tags set.
Tags added: wontfix
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system adminis
tag 162917 + wontfix
thanks
On Tue, Oct 01, 2002 at 09:05:12AM +1000, Hamish Moffatt wrote:
> Package: libc6
> Version: 2.2.5-14.3
> Severity: normal
>
> strftime() causes a segmentation fault if some of the values in the tm
> argument are outside of its expected range. Here is a sample program:
On Tue, Oct 01, 2002 at 07:13:32PM -0400, Ben Collins wrote:
> > printf("%s", bogusPointer);
>
> This is the exact same problem. The segfault you get in strftime is
> caused by -1 being used as an array position (foo[-1]).
So glibc chose an implementation which is not particularly safe.
> A
Ben Collins <[EMAIL PROTECTED]>:
> On Tue, Oct 01, 2002 at 09:05:12AM +1000, Hamish Moffatt wrote:
>> strftime() causes a segmentation fault if some of the values in the tm
>> argument are outside of its expected range. Here is a sample program:
>
> Lots of things segfault on unexpected data. Why
> printf("%s", bogusPointer);
This is the exact same problem. The segfault you get in strftime is
caused by -1 being used as an array position (foo[-1]).
As I said, you got this problem by ignoring practical programming, which
means checking return values.
Anyway, if you want to really argu
> (But even nicer behavior would be to do something like "(null)", which
> is exactly what glibc's printf does.)
Oh and no, printf doesn't show "(null)" on a bogus pointer. That only
works on it actually being NULL.
--
Debian - http://www.debian.org/
Linux 1394 - http://www.linux1394.org/
S
On Tue, Oct 01, 2002 at 08:58:53PM +1000, Hamish Moffatt wrote:
> On Mon, Sep 30, 2002 at 07:45:52PM -0400, Ben Collins wrote:
> > Anything else is obviously undefined. Since SUSv2 defines the range on
> > the input parameters, it should not be expected that that all functions
> > using struct tm
On Mon, Sep 30, 2002 at 07:45:52PM -0400, Ben Collins wrote:
> Anything else is obviously undefined. Since SUSv2 defines the range on
> the input parameters, it should not be expected that that all functions
> using struct tm should have to verify all members of struct tm fit into
> the range. Tha
On Tue, Oct 01, 2002 at 09:05:12AM +1000, Hamish Moffatt wrote:
> Package: libc6
> Version: 2.2.5-14.3
> Severity: normal
>
> strftime() causes a segmentation fault if some of the values in the tm
> argument are outside of its expected range. Here is a sample program:
Lots of things segfault on
Package: libc6
Version: 2.2.5-14.3
Severity: normal
strftime() causes a segmentation fault if some of the values in the tm
argument are outside of its expected range. Here is a sample program:
#include
#include
int main() {
struct tm tmStruct;
char buf[256];
tmStruct.tm_year = 0;
tm
10 matches
Mail list logo
