minor fixes for tzcode1996o

Arthur David Olson ado at elsie
Mon Jan 20 22:09:31 UTC 1997


> This fixes potential buffer overflows, corrects getopt(3) usage
> (getopt(3) returns -1, not EOF these days), and adds another
> PCTS tweak to pass an arguably bogus test.  The diff is reversed,
> sorry about that.
> ...
> --- time/localtime.c	Mon Jan 13 20:17:09 1997
> ...
> -			if ((strlen(p) + strlen(name) + 2) >= sizeof fullname)
> +			if ((strlen(p) + strlen(name) + 1) >= sizeof fullname)
>  				return -1;
> ...
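
Review bot: the constant in the length test (`+ 1` versus `+ 2`) carries no comment saying what it counts, which is how the two versions come to differ. Since the diff is stated to be reversed, the `-` line with `+ 2` is the proposed one. The `>=` against `sizeof fullname` already reserves the byte for the trailing '\0', so `+ 2` also rejects a name that would fit exactly. Suggest keeping `+ 1` and adding a comment that the 1 is the separating slash and the `>=` accounts for the terminator.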

There's a problem if the number of characters in a to-be-generated
full file name (exclusive of the trailing '\0') equals or exceeds the size of
the filename buffer.  The number of characters (exclusive of the trailing '\0')
is
	strlen(p) + strlen(name) + 1
(where the "1" is for the slash that separates the directory from the name)
and the size of the filename buffer is
	sizeof fullname
It looks to me as if the above test is correct; does anyone see something I've
missed?

> --- time/zdump.c	Mon Jan 13 20:17:17 1997
> ...
>  		(void) strncpy(buf, abbr(&tm), (sizeof buf) - 1);
> -		buf[(sizeof buf) - 1] = '\0';
> ...
>  					(void) strncpy(buf, abbr(&newtm),
>  						(sizeof buf) - 1);
> -					buf[(sizeof buf) - 1] = '\0';
> ...
>  	(void) strncpy(loab, abbr(&lotm), (sizeof loab) - 1);
> -	loab[(sizeof loab) - 1] = '\0';
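
Review bot: the three `strncpy` calls copy at most `(sizeof buf) - 1` bytes, so they write no terminator when the abbreviation is that long or longer. Whether the result is still a string then depends on the last element already being '\0', and the declarations of `buf` and `loab` are not in these hunks. With the diff reversed, the `-` lines are the proposed explicit terminations. They are redundant only while the arrays have static storage and nothing else writes the last element, so either keep them or add a comment at each declaration stating that the calls rely on it.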

The strncpy's above all have static arrays as their destinations; since the
static arrays are initialized to '\0's, and since the strncpy's can't change
the last positions in the arrays (given the "- 1"s in the strncpy arguments),
the sets of the last elements to '\0' seem unneeded. Does anyone see something
I've missed?

> --- time/zic.c	Wed Jan 15 16:41:36 1997
> ...
> -	while ((c = getopt(argc, argv, "d:l:p:L:vsy:")) != -1)
> +	while ((c = getopt(argc, argv, "d:l:p:L:vsy:")) != EOF)
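
Review bot: the loop condition ties the code to one end-of-options value, and the hunk gives no fallback for a getopt that returns the other. With the diff reversed, the `-` line comparing against `-1` is the proposed one. EOF is only guaranteed to be a negative int, so the two comparisons are interchangeable only where EOF is defined as -1. Suggest confirming that `c` is declared as an int (not visible here) and adding a comment next to the loop saying which return value is expected.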

If anyone knows a good way of conditionalizing this (to cope with, for example,
SunOS 4.1.1), I'd appreciate hearing from you.

				--ado
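
The two boundary arguments made in this message, as an added C example (not part of the original message and not tzcode source). FULLNAME_SIZE, the 8-byte static buffer, the function names and the sample paths are constructed assumptions chosen so the boundaries are easy to hit.

```c
#include <stdio.h>
#include <string.h>

enum { FULLNAME_SIZE = 16 };	/* constructed; small so the boundary is easy to hit */

/*
 * Build "p/name" in fullname.  extra is the constant under discussion (1 or 2).
 * Returns the length written (exclusive of the '\0'), or -1 if the test rejects.
 */
int join_checked(char *fullname, const char *p, const char *name, size_t extra)
{
	if ((strlen(p) + strlen(name) + extra) >= (size_t) FULLNAME_SIZE)
		return -1;
	(void) strcpy(fullname, p);
	(void) strcat(fullname, "/");
	(void) strcat(fullname, name);
	return (int) strlen(fullname);
}

/*
 * strncpy with a count of size - 1 into a static (zero-initialized) array.
 * Stores the resulting string length in *len and returns the last element,
 * which strncpy never writes.
 */
int static_strncpy(const char *src, size_t *len)
{
	static char buf[8];

	(void) strncpy(buf, src, (sizeof buf) - 1);
	*len = strlen(buf);
	return buf[(sizeof buf) - 1];
}

int main(void)
{
	char fullname[FULLNAME_SIZE];
	size_t len;

	/* "/usr/zone" is 9 characters; with "/" and "abcde" that is 15, plus '\0' = 16 */
	printf("+1, 15 chars: %d\n", join_checked(fullname, "/usr/zone", "abcde", 1));
	printf("+2, 15 chars: %d\n", join_checked(fullname, "/usr/zone", "abcde", 2));
	printf("+1, 16 chars: %d\n", join_checked(fullname, "/usr/zone", "abcdef", 1));
	printf("last element: %d\n", static_strncpy("ABCDEFGHIJKL", &len));
	printf("string length: %lu\n", (unsigned long) len);
	return 0;
}
```
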


