This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug time/18985] New: Passing out of range data to strftime() causes a segfault
- From: "a.nielsen at shikadi dot net" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Sun, 20 Sep 2015 02:01:47 +0000
- Subject: [Bug time/18985] New: Passing out of range data to strftime() causes a segfault
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=18985
Bug ID: 18985
Summary: Passing out of range data to strftime() causes a
segfault
Product: glibc
Version: 2.22
Status: NEW
Severity: normal
Priority: P2
Component: time
Assignee: unassigned at sourceware dot org
Reporter: a.nielsen at shikadi dot net
Target Milestone: ---
Created attachment 8620
--> https://sourceware.org/bugzilla/attachment.cgi?id=8620&action=edit
Test case for printing an out-of-range month name
If you pass out-of-range data to the strftime() function, it will access
invalid memory and cause the calling application to crash.
You can reproduce this error by setting an out-of-range value for the
month, and then supplying a format specifier for the month name. I have
attached a test case demonstrating this.
I think it would be better for strftime() to return 0, an error, or just a
blank in the output string rather than crashing. As Mike Frysinger pointed out
on the mailing list, POSIX says "If any of the specified values are outside the
normal range, the characters stored are unspecified." There is no mention of a
crash.
This is the mailing list thread where this bug was discussed:
https://sourceware.org/ml/libc-help/2015-07/msg00025.html
--
You are receiving this mail because:
You are on the CC list for the bug.