[PATCH] Avoiding Dereferencing of NULL pointer
Alex Bligh
alex at alex.org.uk
Mon Oct 7 05:38:23 AEDT 2019
> On 4 Oct 2019, at 05:56, Darren Tucker <dtucker at dtucker.net> wrote:
>
> Applied a variant, thanks.
>
> On Thu, 3 Oct 2019 at 18:18, krishnaiah bommu <krishnaiah.bommu at intel.com>
> wrote:
>
>> [...]
>> - struct tm *gtm;
>> + struct tm *gtm = NULL;
>>
>
> Since it's unconditionally assigned below, initialising it is not necessary.
>
> + if (!gtm)
>> + return (-1);
>>
>
> The OpenBSD style guide (http://man.openbsd.org/style.9) advises not using
> negations on things that aren't boolean.
The initialization to NULL sounds bogus but technically gmtime can return
NULL at least on some systems. From the manpage on OS-X (closest I had
to hand):
The functions ctime(), gmtime(), and localtime() all take
as an argument a time value representing
the time in seconds since the Epoch (00:00:00 UTC, January 1, 1970;
see time(3)). When encountering an error, these functions return
NULL and set errno to an appropriate value.
Linux says:
The gmtime() function converts the calendar time timep to broken-down
time representation, expressed in Coordinated Universal Time (UTC).
It may return NULL when the year does not fit into an integer.
This appears not to be the case on openbsd.
So given it uses the output of time(), at least on Linux, this is literally
a bug waiting to happen. Albeit it waiting a very very long time.
--
Alex Bligh
More information about the openssh-unix-dev
mailing list