diff options
| -rw-r--r-- | SConstruct | 1 | ||||
| -rwxr-xr-x | src/third_party/scripts/timelib_get_sources.sh | 66 | ||||
| -rw-r--r-- | src/third_party/timelib-2018.01alpha1/Makefile | 4 | ||||
| -rw-r--r-- | src/third_party/timelib-2018.01alpha1/parse_zoneinfo.c | 12 |
4 files changed, 78 insertions, 5 deletions
diff --git a/SConstruct b/SConstruct index 7ede4336041..d6f230df760 100644 --- a/SConstruct +++ b/SConstruct @@ -2235,7 +2235,6 @@ def doConfigure(myenv): AddToCCFLAGSIfSupported(myenv, "-Wno-exceptions") # These warnings begin in gcc-8.2 and we should get rid of these disables at some point. - AddToCCFLAGSIfSupported(env, '-Wno-format-truncation') AddToCXXFLAGSIfSupported(env, '-Wno-class-memaccess') diff --git a/src/third_party/scripts/timelib_get_sources.sh b/src/third_party/scripts/timelib_get_sources.sh index e09a081c901..3151222f2e8 100755 --- a/src/third_party/scripts/timelib_get_sources.sh +++ b/src/third_party/scripts/timelib_get_sources.sh @@ -52,6 +52,72 @@ cp -r $TEMP_DIR/* $DEST_DIR cd $DEST_DIR +patch -p1 <<'EOF' +From 157caf3f66da49f4df55c532a7d82a5d0aa4be11 Mon Sep 17 00:00:00 2001 +From: Derick Rethans <github@derickrethans.nl> +Date: Fri, 11 May 2018 10:51:02 +0100 +Subject: [PATCH] Fixed #37: Incorrect snprintf invocation with static buffer + +--- + Makefile | 4 ++-- + parse_zoneinfo.c | 12 ++++++++++-- + 2 files changed, 12 insertions(+), 4 deletions(-) + +diff --git a/Makefile b/Makefile +index 2094595..b6acd1a 100644 +--- a/Makefile ++++ b/Makefile +@@ -8,11 +8,11 @@ CFLAGS=-Wdeclaration-after-statement ${FLAGS} + + CPPFLAGS=${FLAGS} + +-LDFLAGS=-lm -fsanitize=undefined ++LDFLAGS=-lm -fsanitize=undefined -l:libubsan.so.1 + + TEST_LDFLAGS=-lCppUTest + +-CC=gcc ++CC=gcc-8 + MANUAL_TESTS=tests/tester-parse-interval \ + tests/tester-parse-tz tests/tester-iso-week tests/test-abbr-to-id \ + tests/enumerate-timezones tests/date_from_isodate +diff --git a/parse_zoneinfo.c b/parse_zoneinfo.c +index 654348c..875d756 100644 +--- a/parse_zoneinfo.c ++++ b/parse_zoneinfo.c +@@ -101,7 +101,8 @@ static int is_valid_tzfile(const struct stat *st, int fd) + * length of the mapped data is placed in *length. */ + static char *read_tzfile(const char *directory, const char *timezone, size_t *length) + { +- char fname[MAXPATHLEN]; ++ char *fname; ++ size_t fname_len; + char *buffer; + struct stat st; + int fd; +@@ -115,9 +116,16 @@ static char *read_tzfile(const char *directory, const char *timezone, size_t *le + return NULL; + } + +- snprintf(fname, sizeof(fname), "%s%s%s", directory, TIMELIB_DIR_SEPARATOR, timezone /* canonical_tzname(timezone) */); ++ fname_len = strlen(directory) + strlen(TIMELIB_DIR_SEPARATOR) + strlen(timezone) + 1; ++ fname = malloc(fname_len); ++ if (snprintf(fname, fname_len, "%s%s%s", directory, TIMELIB_DIR_SEPARATOR, timezone) < 0) { ++ free(fname); ++ return NULL; ++ } + + fd = open(fname, O_RDONLY); ++ free(fname); ++ + if (fd == -1) { + return NULL; + } else if (fstat(fd, &st) != 0 || !is_valid_tzfile(&st, fd)) { +-- +2.17.1 +EOF + + # Prune files rm -rf $DEST_DIR/tests rm $DEST_DIT/zones/old-tzcode-32-bit-output.tar.gz || true diff --git a/src/third_party/timelib-2018.01alpha1/Makefile b/src/third_party/timelib-2018.01alpha1/Makefile index 3e6c5dd478c..e7ebaa92ece 100644 --- a/src/third_party/timelib-2018.01alpha1/Makefile +++ b/src/third_party/timelib-2018.01alpha1/Makefile @@ -8,11 +8,11 @@ CFLAGS=-Wdeclaration-after-statement ${FLAGS} CPPFLAGS=${FLAGS} -LDFLAGS=-lm -fsanitize=undefined +LDFLAGS=-lm -fsanitize=undefined -l:libubsan.so.1 TEST_LDFLAGS=-lCppUTest -CC=gcc +CC=gcc-8 MANUAL_TESTS=tests/tester-parse-interval \ tests/tester-parse-tz tests/tester-iso-week tests/test-abbr-to-id \ tests/enumerate-timezones tests/date_from_isodate diff --git a/src/third_party/timelib-2018.01alpha1/parse_zoneinfo.c b/src/third_party/timelib-2018.01alpha1/parse_zoneinfo.c index 654348ca548..875d7564074 100644 --- a/src/third_party/timelib-2018.01alpha1/parse_zoneinfo.c +++ b/src/third_party/timelib-2018.01alpha1/parse_zoneinfo.c @@ -101,7 +101,8 @@ static int is_valid_tzfile(const struct stat *st, int fd) * length of the mapped data is placed in *length. */ static char *read_tzfile(const char *directory, const char *timezone, size_t *length) { - char fname[MAXPATHLEN]; + char *fname; + size_t fname_len; char *buffer; struct stat st; int fd; @@ -115,9 +116,16 @@ static char *read_tzfile(const char *directory, const char *timezone, size_t *le return NULL; } - snprintf(fname, sizeof(fname), "%s%s%s", directory, TIMELIB_DIR_SEPARATOR, timezone /* canonical_tzname(timezone) */); + fname_len = strlen(directory) + strlen(TIMELIB_DIR_SEPARATOR) + strlen(timezone) + 1; + fname = malloc(fname_len); + if (snprintf(fname, fname_len, "%s%s%s", directory, TIMELIB_DIR_SEPARATOR, timezone) < 0) { + free(fname); + return NULL; + } fd = open(fname, O_RDONLY); + free(fname); + if (fd == -1) { return NULL; } else if (fstat(fd, &st) != 0 || !is_valid_tzfile(&st, fd)) { |