apparent bug in 7/26/06 version of 'tzload()'

David Lawless lawless at spamcop.net
Thu Jul 27 17:55:52 UTC 2006


While experimenting with 'localhost.c' I discovered a bug in 
'localtime.c' in 'tzload()'.  The last few lines setup two 
flags 'goback' and 'goahead'.  This code executes some invalid 
negative-offset array dereferences when the number of points in 
the array is too small.  RHEL4.3 (CentOS 4.3) has zone files 
with fewer than 800 years in them and provokes this.

I believe the attached patch corrects the problem.  However I 
don't understand the purpose of the code and may have got it 
wrong.

Please CC my e-mail with any replies as I'm not on the mailing list.

Regards,

David Lawless
-------------- next part --------------
A non-text attachment was scrubbed...
Name: localtime.patch
Type: application/octet-stream
Size: 896 bytes
Desc: not available
Url : http://mm.icann.org/pipermail/tz/attachments/20060727/ed01e150/localtime-0001.patch 


More information about the tz mailing list