netbsd-bugs: standards/21722: ISO-C conforming use of struct tm can crash

Subject: standards/21722: ISO-C conforming use of struct tm can crash
To: None <gnats-bugs@gnats.netbsd.org>
From: Richard Earnshaw <rearnsha@arm.com>
List: netbsd-bugs
Date: 05/30/2003 13:58:59

>Number:         21722
>Category:       standards
>Synopsis:       ISO-C conforming use of struct tm can crash
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    standards-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri May 30 13:00:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Richard Earnshaw
>Release:        NetBSD 1.6R
>Organization:
ARM
-- 
>Environment:
	
	
System: NetBSD shark1.cambridge.arm.com 1.6R NetBSD 1.6R (GENERIC) #1: Tue Apr 29 10:12:54 BST 2003 rearnsha@vpc960.cambridge.arm.com:/work/rearnsha/netbsd/build/shark/src/sys/arch/shark/compile/GENERIC shark
Architecture: arm
Machine: shark
>Description:

	A program that makes use of only the fields in struct tm that are
	specified in the ISO-C standards can crash inside of strftime because
	the library accesses non-standard fields.

	The following program sets all of the fields required by ISO-C and then
	calls strftime with a %Z template (an ISO-C documented option).

	
>How-To-Repeat:
	Compile and run the following program with

	cc -std=c89 timetest.c
	./a.out

#include <stdio.h>
#include <time.h>

int
main()
{
  struct tm a_time, *now;
  time_t curtime;
  char buf[1024];

  curtime = time(NULL);
  now = localtime(&curtime);
  /* Poison structure.  */
  memset (&a_time, 1, sizeof(struct tm));

  /* Now set all fields required by c89.  */

  a_time.tm_year = now->tm_year;
  a_time.tm_mon = now->tm_mon;
  a_time.tm_mday = now->tm_mday;
  a_time.tm_hour = now->tm_hour;
  a_time.tm_min = now->tm_min;
  a_time.tm_sec = now->tm_sec;
  a_time.tm_isdst = now->tm_isdst;
  a_time.tm_yday = now->tm_yday;
  a_time.tm_wday = now->tm_wday;

  /* Now print the timezone name.  */
  strftime (buf, sizeof(buf) - 1, "%Z", &a_time);

  printf("Z = %s\n", buf);
  return 0;
}

	There is a similar problem with %z (part of c99) and use of the 
	tm_gmtoff.  But that only causes a bogus result to be returned.

	
>Fix:
	strftime and other time functions must not depend on non-iso fields
	being set when performing actions documented by the standard.


>Release-Note:
>Audit-Trail:
>Unformatted: