aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOndřej Bílka <neleai@seznam.cz>2013-10-20 08:25:25 +0200
committerOndřej Bílka <neleai@seznam.cz>2013-10-20 08:26:05 +0200
commit45c30c61c9001867c1891f5862764f084e53f348 (patch)
treec0455f7bbf57ef230ce6dad3c448bb8ae55bed9b
parent3d7dc513b782407bd397b13771a631d9080d3aac (diff)
downloadglibc-45c30c61c9001867c1891f5862764f084e53f348.zip
glibc-45c30c61c9001867c1891f5862764f084e53f348.tar.gz
glibc-45c30c61c9001867c1891f5862764f084e53f348.tar.bz2
Replace alloca in __tzfile_read by malloc. Fixes bug 15670
-rw-r--r--ChangeLog5
-rw-r--r--NEWS10
-rw-r--r--time/tzfile.c26
3 files changed, 18 insertions, 23 deletions
diff --git a/ChangeLog b/ChangeLog
index d2de84a..1f2d833 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-10-19 Ondřej Bílka <neleai@seznam.cz>
+
+ [BZ #15670]
+ * time/tzfile.c (__tzfile_read): Replace alloca with malloc.
+
2013-10-18 Carlos O'Donell <carlos@redhat.com>
* manual/crypt.texi (Cryptographic Functions): Using SunRPC and
diff --git a/NEWS b/NEWS
index 9e32ba5..93f884d 100644
--- a/NEWS
+++ b/NEWS
@@ -11,11 +11,11 @@ Version 2.19
156, 431, 832, 13028, 13982, 13985, 14155, 14547, 14699, 14910, 15048,
15218, 15277, 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608,
- 15609, 15610, 15632, 15640, 15672, 15680, 15681, 15723, 15734, 15735,
- 15736, 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847, 15849,
- 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893,
- 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15948, 15963,
- 15966, 15988, 16032, 16034, 16036, 16041.
+ 15609, 15610, 15632, 15640, 15670, 15672, 15680, 15681, 15723, 15734,
+ 15735, 15736, 15748, 15749, 15754, 15760, 15764, 15797, 15844, 15847,
+ 15849, 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892,
+ 15893, 15895, 15897, 15905, 15909, 15919, 15921, 15923, 15939, 15948,
+ 15963, 15966, 15988, 16032, 16034, 16036, 16041.
* CVE-2012-4412 The strcoll implementation caches indices and rules for
large collation sequences to optimize multiple passes. This cache
diff --git a/time/tzfile.c b/time/tzfile.c
index 9dd5130..3ea3051 100644
--- a/time/tzfile.c
+++ b/time/tzfile.c
@@ -114,6 +114,7 @@ __tzfile_read (const char *file, size_t extra, char **extrap)
int was_using_tzfile = __use_tzfile;
int trans_width = 4;
size_t tzspec_len;
+ char *new = NULL;
if (sizeof (time_t) != 4 && sizeof (time_t) != 8)
abort ();
@@ -145,22 +146,12 @@ __tzfile_read (const char *file, size_t extra, char **extrap)
if (*file != '/')
{
const char *tzdir;
- unsigned int len, tzdir_len;
- char *new, *tmp;
tzdir = getenv ("TZDIR");
if (tzdir == NULL || *tzdir == '\0')
- {
- tzdir = default_tzdir;
- tzdir_len = sizeof (default_tzdir) - 1;
- }
- else
- tzdir_len = strlen (tzdir);
- len = strlen (file) + 1;
- new = (char *) __alloca (tzdir_len + 1 + len);
- tmp = __mempcpy (new, tzdir, tzdir_len);
- *tmp++ = '/';
- memcpy (tmp, file, len);
+ tzdir = default_tzdir;
+ if (__asprintf (&new, "%s/%s", tzdir, file) == -1)
+ goto ret_free_transitions;
file = new;
}
@@ -170,11 +161,7 @@ __tzfile_read (const char *file, size_t extra, char **extrap)
&& stat64 (file, &st) == 0
&& tzfile_ino == st.st_ino && tzfile_dev == st.st_dev
&& tzfile_mtime == st.st_mtime)
- {
- /* Nothing to do. */
- __use_tzfile = 1;
- return;
- }
+ goto done; /* Nothing to do. */
/* Note the file is opened with cancellation in the I/O functions
disabled and if available FD_CLOEXEC set. */
@@ -527,12 +514,15 @@ __tzfile_read (const char *file, size_t extra, char **extrap)
__daylight = rule_stdoff != rule_dstoff;
__timezone = -rule_stdoff;
+ done:
__use_tzfile = 1;
+ free (new);
return;
lose:
fclose (f);
ret_free_transitions:
+ free (new);
free ((void *) transitions);
transitions = NULL;
}