From f40b0024bd43b24d4d3a97ba28def9b4fdfc336e Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar
Date: Thu, 24 Aug 2017 11:12:14 +0200
Subject: [PATCH] util: check for gmtime() error
Fix the UTI_TimeToLogForm() function to check if gmtime() didn't fail. This caused chronyc to crash due to dereferencing a NULL pointer when a response to the "manual list" request contained time which gmtime() could not convert to broken-down representation. This issue was found in an audit performed by Cure53 and sponsored by Mozilla.
---
 util.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/util.c b/util.c
index be47f1c..b562fed 100644
--- a/util.c
+++ b/util.c
@@ -610,13 +610,17 @@ UTI_SockaddrFamilyToString(int family)
 char *
 UTI_TimeToLogForm(time_t t)
 {
- struct tm stm;
+ struct tm *stm;
 char *result;
 result = NEXT_BUFFER;
- stm = *gmtime(&t);
- strftime(result, BUFFER_LENGTH, "%Y-%m-%d %H:%M:%S", &stm);
+ stm = gmtime(&t);
+
+ if (stm)
+ strftime(result, BUFFER_LENGTH, "%Y-%m-%d %H:%M:%S", stm);
+ else
+ snprintf(result, BUFFER_LENGTH, "INVALID INVALID ");
 return result;
 }
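Review bot: The strftime() call in the new `if (stm)` branch still ignores its return value; when the formatted text does not fit in BUFFER_LENGTH bytes, strftime() returns 0 and leaves the buffer contents unspecified, so a far-future year that gmtime() does accept could still hand callers a stale or unterminated string. BUFFER_LENGTH and NEXT_BUFFER are defined outside the hunk, so whether that case is reachable cannot be confirmed from here, but routing it to the same fallback is cheap: `if (!stm || !strftime(result, BUFFER_LENGTH, "%Y-%m-%d %H:%M:%S", stm))` followed by the existing `snprintf(result, BUFFER_LENGTH, "INVALID INVALID ");`. Because the commit message says the value can arrive in a reply to chronyc, a short comment above the check, e.g. `/* t may come from a received reply; gmtime() returns NULL if it cannot be converted */`, would help keep the guard from being dropped in a later cleanup.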