diff options
| author | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2008-06-11 02:19:14 +0000 |
|---|---|---|
| committer | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2008-06-11 02:19:14 +0000 |
| commit | 5739b8928a4f63a5b2481383b7afc7076973606d (patch) | |
| tree | 0dc7c9ed718b93ea7a822edcdb2dbf56c1f0fb27 | |
| parent | 2d78e6e42241150fbd1fb65ecc37b5fab793e8b6 (diff) | |
Avoid possible NULL pointer dereferences by using reentrant versions
of time functions.
ok joris
| -rw-r--r-- | usr.bin/cvs/checkout.c | 12 | ||||
| -rw-r--r-- | usr.bin/cvs/client.c | 34 | ||||
| -rw-r--r-- | usr.bin/cvs/diff.c | 13 | ||||
| -rw-r--r-- | usr.bin/cvs/diff_internals.c | 35 | ||||
| -rw-r--r-- | usr.bin/cvs/edit.c | 19 | ||||
| -rw-r--r-- | usr.bin/cvs/entries.c | 8 | ||||
| -rw-r--r-- | usr.bin/cvs/status.c | 9 |
7 files changed, 69 insertions, 61 deletions
diff --git a/usr.bin/cvs/checkout.c b/usr.bin/cvs/checkout.c index d4b9fd99f49..48ad8d019e3 100644 --- a/usr.bin/cvs/checkout.c +++ b/usr.bin/cvs/checkout.c @@ -1,4 +1,4 @@ -/* $OpenBSD: checkout.c,v 1.148 2008/06/10 20:30:17 joris Exp $ */ +/* $OpenBSD: checkout.c,v 1.149 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (c) 2006 Joris Vink <joris@openbsd.org> * @@ -25,6 +25,7 @@ #include <libgen.h> #include <stdlib.h> #include <string.h> +#include <time.h> #include <unistd.h> #include "cvs.h" @@ -435,7 +436,7 @@ cvs_checkout_file(struct cvs_file *cf, RCSNUM *rnum, char *tag, int co_flags) time_t rcstime; CVSENTRIES *ent; struct timeval tv[2]; - struct tm *datetm; + struct tm datetm; char *tosend; char template[MAXPATHLEN], *entry; char kbuf[8], sticky[CVS_REV_BUFSZ], rev[CVS_REV_BUFSZ]; @@ -498,7 +499,8 @@ cvs_checkout_file(struct cvs_file *cf, RCSNUM *rnum, char *tag, int co_flags) time(&rcstime); } - asctime_r(gmtime(&rcstime), tbuf); + gmtime_r(&rcstime, &datetm); + asctime_r(&datetm, tbuf); tbuf[strcspn(tbuf, "\n")] = '\0'; if (co_flags & CO_MERGE) { @@ -512,9 +514,9 @@ cvs_checkout_file(struct cvs_file *cf, RCSNUM *rnum, char *tag, int co_flags) if (tag != NULL) (void)xsnprintf(sticky, sizeof(sticky), "T%s", tag); else if (cvs_specified_date != -1) { - datetm = gmtime(&cvs_specified_date); + gmtime_r(&cvs_specified_date, &datetm); (void)strftime(sticky, sizeof(sticky), - "D"CVS_DATE_FMT, datetm); + "D"CVS_DATE_FMT, &datetm); } else (void)xsnprintf(sticky, sizeof(sticky), "T%s", rev); else if (!reset_tag && cf->file_ent != NULL && diff --git a/usr.bin/cvs/client.c b/usr.bin/cvs/client.c index 2e2d64646e9..4e2de50c91b 100644 --- a/usr.bin/cvs/client.c +++ b/usr.bin/cvs/client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: client.c,v 1.114 2008/06/10 05:01:36 tobias Exp $ */ +/* $OpenBSD: client.c,v 1.115 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (c) 2006 Joris Vink <joris@openbsd.org> * @@ -27,6 +27,7 @@ #include <pwd.h> #include <stdlib.h> #include <string.h> +#include <time.h> #include <unistd.h> #include "cvs.h" @@ -456,7 +457,7 @@ void cvs_client_sendfile(struct cvs_file *cf) { size_t len; - struct tm *datetm; + struct tm datetm; char rev[CVS_REV_BUFSZ], timebuf[CVS_TIME_BUFSZ], sticky[CVS_REV_BUFSZ]; if (cf->file_type != CVS_FILE) @@ -503,9 +504,9 @@ cvs_client_sendfile(struct cvs_file *cf) (void)xsnprintf(sticky, sizeof(sticky), "T%s", cf->file_ent->ce_tag); } else if (cf->file_ent->ce_date != -1) { - datetm = gmtime(&(cf->file_ent->ce_date)); + gmtime_r(&(cf->file_ent->ce_date), &datetm); (void)strftime(sticky, sizeof(sticky), - "D"CVS_DATE_FMT, datetm); + "D"CVS_DATE_FMT, &datetm); } cvs_client_send_request("Entry /%s/%s%s/%s/%s/%s", @@ -613,7 +614,7 @@ cvs_client_checkedin(char *data) CVSENTRIES *entlist; struct cvs_ent *ent, *newent; size_t len; - struct tm *datetm; + struct tm datetm; char *dir, *e, *entry, rev[CVS_REV_BUFSZ]; char sticky[CVS_ENT_MAXLINELEN], timebuf[CVS_TIME_BUFSZ]; @@ -652,9 +653,9 @@ cvs_client_checkedin(char *data) (void)xsnprintf(sticky, sizeof(sticky), "T%s", newent->ce_tag); } else if (newent->ce_date != -1) { - datetm = gmtime(&(newent->ce_date)); + gmtime_r(&(newent->ce_date), &datetm); (void)strftime(sticky, sizeof(sticky), - "D"CVS_DATE_FMT, datetm); + "D"CVS_DATE_FMT, &datetm); } cvs_ent_free(ent); @@ -683,7 +684,7 @@ cvs_client_updated(char *data) CVSENTRIES *ent; struct cvs_ent *e; const char *errstr; - struct tm *datetm; + struct tm datetm; struct timeval tv[2]; char repo[MAXPATHLEN], *entry; char timebuf[CVS_TIME_BUFSZ], revbuf[CVS_REV_BUFSZ]; @@ -719,7 +720,8 @@ cvs_client_updated(char *data) fmode &= ~cvs_umask; time(&now); - asctime_r(gmtime(&now), timebuf); + gmtime_r(&now, &datetm); + asctime_r(&datetm, timebuf); timebuf[strcspn(timebuf, "\n")] = '\0'; e = cvs_ent_parse(en); @@ -729,9 +731,9 @@ cvs_client_updated(char *data) if (e->ce_tag != NULL) { (void)xsnprintf(sticky, sizeof(sticky), "T%s", e->ce_tag); } else if (e->ce_date != -1) { - datetm = gmtime(&(e->ce_date)); + gmtime_r(&(e->ce_date), &datetm); (void)strftime(sticky, sizeof(sticky), - "D"CVS_DATE_FMT, datetm); + "D"CVS_DATE_FMT, &datetm); } rcsnum_tostr(e->ce_rev, revbuf, sizeof(revbuf)); @@ -783,6 +785,7 @@ cvs_client_merged(char *data) CVSENTRIES *ent; const char *errstr; struct timeval tv[2]; + struct tm datetm; char timebuf[CVS_TIME_BUFSZ], *repo, *rpath, *entry, *mode; char *len, *fpath, *wdir; @@ -819,7 +822,8 @@ cvs_client_merged(char *data) fmode &= ~cvs_umask; time(&now); - asctime_r(gmtime(&now), timebuf); + gmtime_r(&now, &datetm); + asctime_r(&datetm, timebuf); timebuf[strcspn(timebuf, "\n")] = '\0'; ent = cvs_ent_open(wdir); @@ -1015,7 +1019,7 @@ cvs_client_initlog(void) { u_int i; char *env, *envdup, buf[MAXPATHLEN], fpath[MAXPATHLEN]; - char rpath[MAXPATHLEN], *s; + char rpath[MAXPATHLEN], timebuf[CVS_TIME_BUFSZ], *s; struct stat st; time_t now; struct passwd *pwd; @@ -1050,7 +1054,9 @@ cvs_client_initlog(void) break; case 'd': time(&now); - if (strlcpy(fpath, ctime(&now), sizeof(fpath)) >= + ctime_r(&now, timebuf); + timebuf[strcspn(timebuf, "\n")] = '\0'; + if (strlcpy(fpath, timebuf, sizeof(fpath)) >= sizeof(fpath)) fatal("cvs_client_initlog: truncation"); break; diff --git a/usr.bin/cvs/diff.c b/usr.bin/cvs/diff.c index 2720a881adf..3bae718ce0d 100644 --- a/usr.bin/cvs/diff.c +++ b/usr.bin/cvs/diff.c @@ -1,4 +1,4 @@ -/* $OpenBSD: diff.c,v 1.138 2008/06/10 17:34:36 tobias Exp $ */ +/* $OpenBSD: diff.c,v 1.139 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (c) 2008 Tobias Stoeckmann <tobias@openbsd.org> * Copyright (c) 2006 Joris Vink <joris@openbsd.org> @@ -23,6 +23,7 @@ #include <fcntl.h> #include <stdlib.h> #include <string.h> +#include <time.h> #include <unistd.h> #include "cvs.h" @@ -244,7 +245,7 @@ cvs_diff_local(struct cvs_file *cf) int fd1, fd2; struct stat st; struct timeval tv[2], tv2[2]; - struct tm *datetm; + struct tm datetm; char rbuf[CVS_REV_BUFSZ], tbuf[CVS_TIME_BUFSZ], *p1, *p2; b1 = NULL; @@ -327,9 +328,9 @@ cvs_diff_local(struct cvs_file *cf) cvs_log(LP_ERR, "tag %s not in file %s", rev1, cf->file_path); else { - datetm = gmtime(&cvs_specified_date); + gmtime_r(&cvs_specified_date, &datetm); strftime(tbuf, sizeof(tbuf), - "%Y.%m.%d.%H.%M.%S", datetm); + "%Y.%m.%d.%H.%M.%S", &datetm); cvs_log(LP_ERR, "no revision for date %s in " "file %s", tbuf, cf->file_path); } @@ -361,9 +362,9 @@ cvs_diff_local(struct cvs_file *cf) cvs_log(LP_ERR, "tag %s not in file %s", rev2, cf->file_path); } else { - datetm = gmtime(&cvs_specified_date); + gmtime_r(&cvs_specified_date, &datetm); strftime(tbuf, sizeof(tbuf), - "%Y.%m.%d.%H.%M.%S", datetm); + "%Y.%m.%d.%H.%M.%S", &datetm); cvs_log(LP_ERR, "no revision for date %s in " "file %s", tbuf, cf->file_path); } diff --git a/usr.bin/cvs/diff_internals.c b/usr.bin/cvs/diff_internals.c index f703e354fda..837ba9d6643 100644 --- a/usr.bin/cvs/diff_internals.c +++ b/usr.bin/cvs/diff_internals.c @@ -1,4 +1,4 @@ -/* $OpenBSD: diff_internals.c,v 1.23 2008/06/10 05:01:36 tobias Exp $ */ +/* $OpenBSD: diff_internals.c,v 1.24 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (C) Caldera International Inc. 2001-2002. * All rights reserved. @@ -73,6 +73,7 @@ #include <stddef.h> #include <stdio.h> #include <string.h> +#include <time.h> #include <unistd.h> #include "cvs.h" @@ -878,19 +879,19 @@ static void diff_head(void) { char buf[64]; - struct tm *t; + struct tm t; time_t curr_time; if (diff_rev1 != NULL) { - t = gmtime(&stb1.st_mtime); + gmtime_r(&stb1.st_mtime, &t); } else { time(&curr_time); - t = localtime(&curr_time); + localtime_r(&curr_time, &t); } - (void)strftime(buf, sizeof(buf), "%b %G %H:%M:%S -0000", t); + (void)strftime(buf, sizeof(buf), "%b %G %H:%M:%S -0000", &t); diff_output("%s %s %d %s", diff_format == D_CONTEXT ? - "***" : "---", diff_file1, t->tm_mday, buf); + "***" : "---", diff_file1, t.tm_mday, buf); if (diff_rev1 != NULL) { rcsnum_tostr(diff_rev1, buf, sizeof(buf)); @@ -899,11 +900,11 @@ diff_head(void) diff_output("\n"); - t = gmtime(&stb2.st_mtime); + gmtime_r(&stb2.st_mtime, &t); - (void)strftime(buf, sizeof(buf), "%b %G %H:%M:%S -0000", t); + (void)strftime(buf, sizeof(buf), "%b %G %H:%M:%S -0000", &t); diff_output("%s %s %d %s", diff_format == D_CONTEXT ? - "---" : "+++", diff_file2, t->tm_mday, buf); + "---" : "+++", diff_file2, t.tm_mday, buf); if (diff_rev2 != NULL) { rcsnum_tostr(diff_rev2, buf, sizeof(buf)); @@ -917,37 +918,37 @@ static void rdiff_head(void) { char buf[64]; - struct tm *t; + struct tm t; time_t curr_time; if (diff_rev1 != NULL) { - t = localtime(&stb1.st_mtime); + localtime_r(&stb1.st_mtime, &t); } else { time(&curr_time); - t = localtime(&curr_time); + localtime_r(&curr_time, &t); } diff_output("%s ", diff_format == D_CONTEXT ? "***" : "---"); if (diff_rev1 == NULL) { diff_output("%s", CVS_PATH_DEVNULL); - t = gmtime(&stb1.st_atime); + gmtime_r(&stb1.st_atime, &t); } else { rcsnum_tostr(diff_rev1, buf, sizeof(buf)); diff_output("%s:%s", diff_file1, buf); } - (void)strftime(buf, sizeof(buf), "%a %b %e %H:%M:%S %G", t); + (void)strftime(buf, sizeof(buf), "%a %b %e %H:%M:%S %G", &t); diff_output("\t%s\n", buf); if (diff_rev2 != NULL) { - t = localtime(&stb2.st_mtime); + localtime_r(&stb2.st_mtime, &t); } else { time(&curr_time); - t = localtime(&curr_time); + localtime_r(&curr_time, &t); } - (void)strftime(buf, sizeof(buf), "%a %b %e %H:%M:%S %G", t); + (void)strftime(buf, sizeof(buf), "%a %b %e %H:%M:%S %G", &t); diff_output("%s %s %s\n", diff_format == D_CONTEXT ? "---" : "+++", diff_file2, buf); diff --git a/usr.bin/cvs/edit.c b/usr.bin/cvs/edit.c index c8faef21e6d..cc7944a299d 100644 --- a/usr.bin/cvs/edit.c +++ b/usr.bin/cvs/edit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: edit.c,v 1.45 2008/03/01 21:29:36 deraadt Exp $ */ +/* $OpenBSD: edit.c,v 1.46 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (c) 2006, 2007 Xavier Santolaria <xsa@openbsd.org> * @@ -19,6 +19,7 @@ #include <errno.h> #include <string.h> +#include <time.h> #include <unistd.h> #include "cvs.h" @@ -257,7 +258,7 @@ static void cvs_edit_local(struct cvs_file *cf) { FILE *fp; - struct tm *t; + struct tm t; time_t now; char timebuf[CVS_TIME_BUFSZ], thishost[MAXHOSTNAMELEN]; char bfpath[MAXPATHLEN], wdir[MAXPATHLEN]; @@ -274,10 +275,8 @@ cvs_edit_local(struct cvs_file *cf) CVS_PATH_NOTIFY, strerror(errno)); (void)time(&now); - if ((t = gmtime(&now)) == NULL) - fatal("gmtime failed"); - - asctime_r(t, timebuf); + gmtime_r(&now, &t); + asctime_r(&t, timebuf); timebuf[strcspn(timebuf, "\n")] = '\0'; if (gethostname(thishost, sizeof(thishost)) == -1) @@ -326,7 +325,7 @@ cvs_unedit_local(struct cvs_file *cf) { FILE *fp; struct stat st; - struct tm *t; + struct tm t; time_t now; char bfpath[MAXPATHLEN], timebuf[64], thishost[MAXHOSTNAMELEN]; char wdir[MAXPATHLEN], sticky[CVS_ENT_MAXLINELEN]; @@ -360,10 +359,8 @@ cvs_unedit_local(struct cvs_file *cf) CVS_PATH_NOTIFY, strerror(errno)); (void)time(&now); - if ((t = gmtime(&now)) == NULL) - fatal("gmtime failed"); - - asctime_r(t, timebuf); + gmtime_r(&now, &t); + asctime_r(&t, timebuf); timebuf[strcspn(timebuf, "\n")] = '\0'; if (gethostname(thishost, sizeof(thishost)) == -1) diff --git a/usr.bin/cvs/entries.c b/usr.bin/cvs/entries.c index 6ea873fa539..6c4d8848a9c 100644 --- a/usr.bin/cvs/entries.c +++ b/usr.bin/cvs/entries.c @@ -1,4 +1,4 @@ -/* $OpenBSD: entries.c,v 1.96 2008/06/09 22:31:24 tobias Exp $ */ +/* $OpenBSD: entries.c,v 1.97 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (c) 2006 Joris Vink <joris@openbsd.org> * @@ -479,7 +479,7 @@ cvs_write_tagfile(const char *dir, char *tag, char *date) RCSNUM *rev; char tagpath[MAXPATHLEN]; char sticky[CVS_REV_BUFSZ]; - struct tm *datetm; + struct tm datetm; int i; cvs_log(LP_TRACE, "cvs_write_tagfile(%s, %s, %s)", dir, @@ -511,9 +511,9 @@ cvs_write_tagfile(const char *dir, char *tag, char *date) "T%s", tag); } } else { - datetm = gmtime(&cvs_specified_date); + gmtime_r(&cvs_specified_date, &datetm); (void)strftime(sticky, sizeof(sticky), - "D"CVS_DATE_FMT, datetm); + "D"CVS_DATE_FMT, &datetm); } if (cvs_server_active == 1) diff --git a/usr.bin/cvs/status.c b/usr.bin/cvs/status.c index 7e1b86f294f..70e88240396 100644 --- a/usr.bin/cvs/status.c +++ b/usr.bin/cvs/status.c @@ -1,4 +1,4 @@ -/* $OpenBSD: status.c,v 1.86 2008/06/08 18:07:44 joris Exp $ */ +/* $OpenBSD: status.c,v 1.87 2008/06/11 02:19:13 tobias Exp $ */ /* * Copyright (c) 2006 Joris Vink <joris@openbsd.org> * Copyright (c) 2005-2008 Xavier Santolaria <xsa@openbsd.org> @@ -17,6 +17,7 @@ */ #include <string.h> +#include <time.h> #include <unistd.h> #include "cvs.h" @@ -212,12 +213,12 @@ cvs_status_local(struct cvs_file *cf) cvs_printf(" Sticky Tag:\t\t(none)\n"); if (cf->file_ent->ce_date != -1) { - struct tm *datetm; + struct tm datetm; char datetmp[CVS_TIME_BUFSZ]; - datetm = gmtime(&(cf->file_ent->ce_date)); + gmtime_r(&(cf->file_ent->ce_date), &datetm); (void)strftime(datetmp, sizeof(datetmp), - CVS_DATE_FMT, datetm); + CVS_DATE_FMT, &datetm); cvs_printf(" Sticky Date:\t\t%s\n", datetmp); } else if (verbosity > 0) |