util: check for gmtime() error
Fix the UTI_TimeToLogForm() function to check if gmtime() didn't fail. This caused chronyc to crash due to dereferencing a NULL pointer when a response to the "manual list" request contained time which gmtime() could not convert to broken-down representation. This issue was found in an audit performed by Cure53 and sponsored by Mozilla.
This commit is contained in:
Miroslav Lichvar
parent
a06c9909a6
commit
f40b0024bd
1 changed files with 7 additions and 3 deletions
10
util.c
10
util.c
|
|
@ -610,13 +610,17 @@ UTI_SockaddrFamilyToString(int family)
|
|||
char *
|
||||
UTI_TimeToLogForm(time_t t)
|
||||
{
|
||||
struct tm stm;
|
||||
struct tm *stm;
|
||||
char *result;
|
||||
|
||||
result = NEXT_BUFFER;
|
||||
|
||||
stm = *gmtime(&t);
|
||||
strftime(result, BUFFER_LENGTH, "%Y-%m-%d %H:%M:%S", &stm);
|
||||
stm = gmtime(&t);
|
||||
|
||||
if (stm)
|
||||
strftime(result, BUFFER_LENGTH, "%Y-%m-%d %H:%M:%S", stm);
|
||||
else
|
||||
snprintf(result, BUFFER_LENGTH, "INVALID INVALID ");
|
||||
|
||||
return result;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue