https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288773
Bug ID: 288773
Summary: ssh needs to check if localtime_r() returns NULL
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
In src/crypto/openssh/misc.c there is a call to localtime_r(3), but the return
value will be ignored. In case of an error, localtime_r returns NULL and the
value of &tm is undefined. A line later the value of &tm will be passed to
strftime(3) and it may segfault.
void
format_absolute_time(uint64_t t, char *buf, size_t len)
{
time_t tt = t > SSH_TIME_T_MAX ? SSH_TIME_T_MAX : t;
struct tm tm;
localtime_r(&tt, &tm);
strftime(buf, len, "%Y-%m-%dT%H:%M:%S", &tm);
}
--
You are receiving this mail because:
You are the assignee for the bug.
