core dump from within asctime_r()

Olson, Arthur David (NIH/NCI) [E] olsona at dc37a.nci.nih.gov
Tue Feb 16 22:33:28 UTC 2010


A conservative course is to memset the state structure to all zeroes at the top of "tzload" (as below).
An alternative is to change the three "malloc(sizeof *pointer)" calls to "calloc(1, sizeof *pointer) calls in localtime.c.
I'm feeling conservative on this one.

				--ado

------- localtime.c -------
*** /tmp/geta8774	Tue Feb 16 17:24:44 2010
--- /tmp/getb8774	Tue Feb 16 17:24:44 2010
***************
*** 5,11 ****
  
  #ifndef lint
  #ifndef NOID
! static char	elsieid[] = "@(#)localtime.c	8.10";
  #endif /* !defined NOID */
  #endif /* !defined lint */
  
--- 5,11 ----
  
  #ifndef lint
  #ifndef NOID
! static char	elsieid[] = "@(#)localtime.c	8.11";
  #endif /* !defined NOID */
  #endif /* !defined lint */
  
***************
*** 350,355 ****
--- 350,356 ----
  					4 * TZ_MAX_TIMES];
  	} u;
  
+ 	memset(sp, 0, sizeof *sp);
  	if (name == NULL && (name = TZDEFAULT) == NULL)
  		return -1;
  	{






More information about the tz mailing list