diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2014-11-21 01:00:39 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2014-11-21 01:00:39 +0000 |
| commit | 422a96a9ad6a4ffd61a706d7847f96526bfdcdd3 (patch) | |
| tree | 19cc4527aaedf512fb824bb040301a6f74446697 | |
| parent | 605803be7cdbd79b1bae78b1667bac063cfbe464 (diff) | |
fix NULL pointer dereference crash on invalid timestamp
found using Michal Zalewski's afl fuzzer
| -rw-r--r-- | usr.bin/ssh/krl.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/usr.bin/ssh/krl.c b/usr.bin/ssh/krl.c index 3444c049f32..0148e9307fd 100644 --- a/usr.bin/ssh/krl.c +++ b/usr.bin/ssh/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.18 2014/11/17 00:21:40 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.19 2014/11/21 01:00:38 djm Exp $ */ #include <sys/types.h> #include <sys/param.h> @@ -745,8 +745,12 @@ format_timestamp(u_int64_t timestamp, char *ts, size_t nts) t = timestamp; tm = localtime(&t); - *ts = '\0'; - strftime(ts, nts, "%Y%m%dT%H%M%S", tm); + if (tm == NULL) + strlcpy(ts, "<INVALID>", sizeof(nts)); + else { + *ts = '\0'; + strftime(ts, nts, "%Y%m%dT%H%M%S", tm); + } } static int |