[openssh-commits] [openssh] 03/05: upstream commit

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Nov 21 01:00:38 2014 +0000

    upstream commit
    
    fix NULL pointer dereference crash on invalid timestamp
    
    found using Michal Zalewski's afl fuzzer
---
 krl.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/krl.c b/krl.c
index 832ac8b..e56f884 100644
--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.18 2014/11/17 00:21:40 djm Exp $ */
+/* $OpenBSD: krl.c,v 1.19 2014/11/21 01:00:38 djm Exp $ */
 
 #include "includes.h"
 
@@ -747,8 +747,12 @@ format_timestamp(u_int64_t timestamp, char *ts, size_t nts)
 
 	t = timestamp;
 	tm = localtime(&t);
-	*ts = '\0';
-	strftime(ts, nts, "%Y%m%dT%H%M%S", tm);
+	if (tm == NULL)
+		strlcpy(ts, "<INVALID>", sizeof(nts));
+	else {
+		*ts = '\0';
+		strftime(ts, nts, "%Y%m%dT%H%M%S", tm);
+	}
 }
 
 static int

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.