BESUtil::get_time() has a pointer problem

Description

BESUtil::get_time() uses the strftime() function to build the time string. It declares the buffer passed to strftime() like this:

Which is all well and good if the timezone abbreviation is never more than 4 characters. Unfortunately there are several timezone abbreviations with 5 characters: ACWST, ANAST, AZOST, CHADT, CHAST, CHOST, CIDST, EASST, HOVST, IRKST, KRAST, MAGST, NOVST, OMSST, PETST, ULAST, VLAST, WARST, YAKST, YEKST (No claims that this list is complete, it's just to make the point)

I think a simple fix would be to change the buffer declaration to:

I made this change, but the original code is safe. strftime() takes the size of the buffer and won't overwrite its bounds = instead it returns zero if there's not enough space.

Environment

None

Status

Assignee

James Gallagher

Reporter

Nathan Potter

Labels

None

Epic Link

Components

Sprint

None

Priority

Medium
Configure