This is the mail archive of the libc-alpha@cygnus.com mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

glibc strftime.c bug: storing past the end of a zero-sized buffer

To: libc-alpha@cygnus.com
Subject: glibc strftime.c bug: storing past the end of a zero-sized buffer
From: Paul Eggert <eggert@twinsun.com>
Date: Thu, 24 Sep 1998 13:49:19 -0700 (PDT)
References: <199809241751.LAA02366@wijiji.santafe.edu>

While fixing the other bugs, I noticed by code inspection that glibc's
strftime (BUFFER, 0, "", ...)  stores a byte into BUFFER, even though
the buffer's declared size is zero.  Here is a patch.

1998-09-24  Paul Eggert  <eggert@twinsun.com>

	* strftime.c (my_strftime): Don't store past the end of a
	zero-sized buffer.

--- strftime.c	1998/09/24 20:39:19	2.0.96.3
+++ strftime.c	1998/09/24 20:46:02	2.0.96.4
@@ -450,4 +450,7 @@ my_strftime (s, maxsize, format, tp)
   const char *f;
 
+  if (maxsize == 0)
+    return 0;
+
   zone = NULL;
 #if HAVE_TM_ZONE

Follow-Ups:
- Re: glibc strftime.c bug: storing past the end of a zero-sized buffer
  - From: Ulrich Drepper <drepper@cygnus.com>

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]