[30284] in CVS-changelog-for-Kerberos-V5
krb5 commit: Check more time function results
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Sep 5 17:12:27 2018
Date: Wed, 5 Sep 2018 17:12:16 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201809052112.w85LCG4g008363@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/88ce983a3be9ef0d740ceafee1e82de06b8b987e
commit 88ce983a3be9ef0d740ceafee1e82de06b8b987e
Author: Greg Hudson <ghudson@mit.edu>
Date: Sat Sep 1 17:30:33 2018 -0400
Check more time function results
In logger.c:klog_vsyslog(), check the return value of localtime(). In
ldap_principal2.c:getstringtime(), check the strftime() result and
don't leak strtime on error.
src/lib/kadm5/logger.c | 6 +++++-
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 12 +++++++-----
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
index eff8a8a..68fd82f 100644
--- a/src/lib/kadm5/logger.c
+++ b/src/lib/kadm5/logger.c
@@ -638,6 +638,7 @@ klog_vsyslog(int priority, const char *format, va_list arglist)
time_t now;
#ifdef HAVE_STRFTIME
size_t soff;
+ struct tm *tm;
#else
char *r;
#endif
@@ -657,7 +658,10 @@ klog_vsyslog(int priority, const char *format, va_list arglist)
/*
* Format the date: mon dd hh:mm:ss
*/
- soff = strftime(outbuf, sizeof(outbuf), "%b %d %H:%M:%S", localtime(&now));
+ tm = localtime(&now);
+ if (tm == NULL)
+ return(-1);
+ soff = strftime(outbuf, sizeof(outbuf), "%b %d %H:%M:%S", tm);
if (soff > 0)
cp += soff;
else
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
index b7c9212..4dac242 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
@@ -1748,13 +1748,15 @@ getstringtime(krb5_timestamp epochtime)
char *strtime=NULL;
time_t posixtime = ts2tt(epochtime);
- strtime = calloc (50, 1);
- if (strtime == NULL)
- return NULL;
-
if (gmtime_r(&posixtime, &tme) == NULL)
return NULL;
- strftime(strtime, 50, "%Y%m%d%H%M%SZ", &tme);
+ strtime = calloc(50, 1);
+ if (strtime == NULL)
+ return NULL;
+ if (strftime(strtime, 50, "%Y%m%d%H%M%SZ", &tme) == 0) {
+ free(strtime);
+ return NULL;
+ }
return strtime;
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
