Uploaded image for project: 'Hyrax Data Server'
  1. HYRAX-845

BESUtil::get_time() has a pointer problem

    Details

    • Type: Bug
    • Status: Done (View workflow)
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: bes
    • Labels:
      None
    • Epic Link:
    • Sprint:
      Hyrax 1.15 release

      Description

      BESUtil::get_time() uses the strftime() function to build the time string. It declares the buffer passed to strftime() like this:

          char buf[sizeof "YYYY-MM-DDTHH:MM:SSzone"];
      

      Which is all well and good if the timezone abbreviation is never more than 4 characters. Unfortunately there are several timezone abbreviations with 5 characters: ACWST, ANAST, AZOST, CHADT, CHAST, CHOST, CIDST, EASST, HOVST, IRKST, KRAST, MAGST, NOVST, OMSST, PETST, ULAST, VLAST, WARST, YAKST, YEKST (No claims that this list is complete, it's just to make the point)

      I think a simple fix would be to change the buffer declaration to:

          char buf[sizeof "YYYY-MM-DDTHH:MM:SSzones"];
      

      I made this change, but the original code is safe. strftime() takes the size of the buffer and won't overwrite its bounds = instead it returns zero if there's not enough space.

        Attachments

          Activity

            People

            • Assignee:
              jimg James Gallagher
              Reporter:
              ndp Nathan Potter
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: