NULL ptr dereferences found with Calysto static checker

[Gert Doering]

Hi,

On Wed, Jun 20, 2007 at 11:06:31AM -0700, Domagoj Babic wrote:
> I've ran my static checker Calysto on openssh and found the following bug:
> 
> Possible NULL-ptr deref (vc536):
> @/work/benchmarks/SOURCES/openssh-4.6p1/moduli.c:173
> + ptr gtm returned from gmtime dereferenced without checking (gmtime can
> return NULL).

Now this surprises me a bit - I've checked FreeBSD 4 and 6 man pages,
and neither mentions that the return ptr could be NULL.

Checking older SVR3 man pages, I can see the reason:

--------------- quote ---------------
 Note

    The return values for ctime, localtime and gmtime point to static data
    whose content is overwritten by each call.
--------------- quote ---------------

So under which circumstances can it be NULL?

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de