kmx git

Commit	Date	Message
210cb7a9	2017-05-01T17:27:53	tzset: Work around TZ problem on native Windows. * m4/tzset.m4 (gl_FUNC_TZSET): Require AC_CANONICAL_HOST. On native Windows, set REPLACE_TZSET to 1. * lib/tzset.c (tzset): On native Windows, fix TZ if necessary, and invoke '_tzset' instead of 'tzset'. * doc/posix-functions/tzset.texi: Mention the native Windows workaround. * modules/time_rz (Depends-on): Add tzset. * lib/time_rz.c (tzset): Remove fallback definition. * m4/time_rz.m4 (gl_TIME_RZ): Don't test for tzset.
94e01571	2017-04-24T01:43:36	time_rz: fix heap buffer overflow vulnerability This issue has been assigned CVE-2017-7476 and was detected with American Fuzzy Lop 2.41b run on the coreutils date(1) program with ASAN enabled. ERROR: AddressSanitizer: heap-buffer-overflow on address 0x... WRITE of size 8 at 0x60d00000cff8 thread T0 #1 0x443020 in extend_abbrs lib/time_rz.c:88 #2 0x443356 in save_abbr lib/time_rz.c:155 #3 0x44393f in localtime_rz lib/time_rz.c:290 #4 0x41e4fe in parse_datetime2 lib/parse-datetime.y:1798 A minimized reproducer is the following 120 byte TZ value, which goes beyond the value of ABBR_SIZE_MIN (119) on x86_64. Extend the aa...b portion to overwrite more of the heap. date -d $(printf 'TZ="aaa%020daaaaaab%089d"') localtime_rz and mktime_z were affected since commit 4bc76593. parse_datetime was affected since commit 4e6e16b3f. * lib/time_rz.c (save_abbr): Rearrange the calculation determining whether there is enough buffer space available. The rearrangement ensures we're only dealing with positive numbers, thus avoiding the problematic promotion of signed to unsigned causing an invalid comparison when zone_copy is more than ABBR_SIZE_MIN bytes beyond the start of the buffer. * tests/test-parse-datetime.c (main): Add a test case written by Paul Eggert, which overwrites enough of the heap so that standard glibc will fail with "free(): invalid pointer" without the patch applied. Reported and analyzed at https://bugzilla.redhat.com/1444774
a3fd683d	2017-01-01T02:59:23	version-etc: new year * build-aux/gendocs.sh (version): * doc/gendocs_template: * doc/gendocs_template_min: * doc/gnulib.texi: * lib/version-etc.c (COPYRIGHT_YEAR): Update copyright dates by hand in templates and the like. * all files: Run 'make update-copyright'.
4c32543a	2016-09-07T02:01:42	flexmember: port better to GCC + valgrind With a char[] flexible array member in a struct with nontrivial alignment, GCC-generated code can access past the end of the array, because GCC assumes there are padding bytes to get the struct aligned. So the common idiom of malloc (offsetof (struct s, m), n) does not properly allocate an n-byte trailing member, as malloc’s argument should be the next multiple of alignof (struct s). See GCC Bug#66661: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66661 Although C11 apparently permits this GCC optimization (i.e., there was a bug in Gnulib not in GCC), possibly this is a defect in C11. See the thread containing: https://gcc.gnu.org/ml/gcc-patches/2016-09/msg00317.html * lib/flexmember.h: New file. * lib/fnmatch.c, lib/fts.c, lib/glob.c, lib/idcache.c: * lib/localename.c, lib/time_rz.c: Include flexmember.h. * lib/fnmatch_loop.c (struct patternlist): * lib/localename.c (struct hash_node): Use FLEXIBLE_ARRAY_MEMBER. * lib/fnmatch_loop.c (EXT): * lib/fts.c (fts_alloc): * lib/glob.c (glob_in_dir): * lib/idcache.c (getuser, getuidbyname, getgroup, getgidbyname): * lib/localename.c (gl_lock_define_initialized): * lib/time_rz.c (tzalloc): Use FLEXSIZEOF instead of offsetof. * m4/flexmember.m4 (AC_C_FLEXIBLE_ARRAY_MEMBER): Check that the size of the struct can be taken. * modules/flexmember (Files): Add lib/flexmember.h. * modules/fnmatch, modules/glob, modules/localename (Depends-on): Add flexmember.
488c5828	2016-03-15T13:10:56	time_rz: port to clang -Wunused-const-variable * lib/time_rz.c (TZ): Remove. All uses removed.
71090a2a	2016-01-01T00:56:19	version-etc: new year * build-aux/gendocs.sh (version): * doc/gendocs_template: * doc/gendocs_template_min: * doc/gnulib.texi: * lib/version-etc.c (COPYRIGHT_YEAR): Update copyright dates by hand in templates and the like. * all files: Run 'make update-copyright'.
9180f79e	2015-10-20T23:16:52	time_rz: fix comment about tzalloc * lib/time_rz.c (tzalloc): Fix comment.
b0ac02e8	2015-10-18T10:24:37	time_rz: return NULL if localtime_r fails * lib/time_rz.c (localtime_rz): Return NULL if localtime_r fails, while still attempting to pacify bleeding-edge GCC.
0de3313d	2015-10-18T09:32:21	time_rz: avoid warning from bleeding-edge gcc's -Wnonnull Compiling with gcc version 6.0.0 20151017 (experimental) (GCC), I would see this: lib/time_rz.c: In function 'localtime_rz': lib/time_rz.c:292:15: error: nonnull argument 'tm' compared to NULL \ [-Werror=nonnull] if (tm && !save_abbr (tz, tm)) ^ That was complaining about "tm" because it is a parameter that was declared with the __nonnull__ attribute. * lib/time_rz.c (localtime_rz): Don't bother setting "tm" to the result of localtime_r.
9c70545f	2015-07-29T13:48:10	time_rz: port to pedantic memcpy * lib/time_rz.c (tzalloc): Pacify pedantic memcpy implementations that reject memcpy (..., NULL, 0).
d3bc6917	2015-07-27T16:41:17	time_rz: port better to MinGW Don't change tzname, as this makes MinGW dump core (Bug#21020). Instead, store the tzname copy in the struct tm_zone object. Problem reported by Eli Zaretskii in: http://bugs.gnu.org/21020#48 * lib/strftime.c [!_LIBC]: * lib/time_rz.c: Include time-internal.h. * lib/strftime.c (strftime_case_) [!HAVE_TM_ZONE]: Infer the zone name from TZ rather than from TZNAME, doable because TZ now has a tzname_copy member. * lib/time-internal.h: New file, with contents taken from lib/time_rz.c. It's separate because strftime.c now accesses struct tm_zone members. (struct tm_zone) [HAVE_TZNAME && !HAVE_TM_ZONE]: New member tzname_copy. * lib/time_rz.c (struct tm_zone): Move to time-internal.h. (tzalloc) [HAVE_TZNAME && !HAVE_TM_ZONE]: Initialize tzname_copy member. (save_abbr) [HAVE_TZNAME && !HAVE_TM_ZONE]: Save abbreviation in tzname_copy member. (revert_tz) [HAVE_TZNAME]: Remove no-longer-needed tzname saving. (restore_tzname): Remove; no longer needed. All calls removed. * modules/time_rz (Files): Add lib/time-internal.h.
5ed44b37	2015-07-25T15:20:10	time_rz: port to Solaris etc. Works around a tzname problem on platforms like Solaris that have tzname but not tm_zone, by setting tzname at the appropriate time and restoring it later. * lib/time_rz.c (tzname_address, tzname_value) [HAVE_TZNAME]: New static vars. (save_abbr) [HAVE_TZNAME]: Set them. (revert_tz) [HAVE_TZNAME]: Clear or use them. (restore_tzname): New function. (localtime_rz, mktime_z): Use it.
d3e697dd	2015-07-25T15:11:42	time_rz: make a constant 'const' * lib/time_rz.c (local_tz): Now const.
2134fd0a	2015-07-25T15:10:16	time_rz: fix off-by-one typo * lib/time_rz.c (extend_abbrs): Fix off-by-one typo.
4bc76593	2015-07-23T17:44:19	time_rz: new module * MODULES.html.sh: Add time_rz. * lib/time_rz.c, m4/time_rz.m4, modules/time_rz: New files. * lib/time.in.h (timezone_t, tzalloc, tzfree, localtime_rz, mktime_z): New decls if _GNU_SOURCE && @GNULIB_TIME_RZ@ && ! @HAVE_TIMEZONE_T@. * m4/sys_time_h.m4 (gl_HEADER_SYS_TIME_H_DEFAULTS): New var HAVE_TIMEZONE_T (default 0). * m4/time_h.m4 (gl_HEADER_TIME_H_DEFAULTS): New var GNULIB_TIME_RZ (default 0). * modules/time (time.h): Substitute the new vars.

210cb7a9

2017-05-01T17:27:53

tzset: Work around TZ problem on native Windows. * m4/tzset.m4 (gl_FUNC_TZSET): Require AC_CANONICAL_HOST. On native Windows, set REPLACE_TZSET to 1. * lib/tzset.c (tzset): On native Windows, fix TZ if necessary, and invoke '_tzset' instead of 'tzset'. * doc/posix-functions/tzset.texi: Mention the native Windows workaround. * modules/time_rz (Depends-on): Add tzset. * lib/time_rz.c (tzset): Remove fallback definition. * m4/time_rz.m4 (gl_TIME_RZ): Don't test for tzset.

94e01571

2017-04-24T01:43:36

time_rz: fix heap buffer overflow vulnerability This issue has been assigned CVE-2017-7476 and was detected with American Fuzzy Lop 2.41b run on the coreutils date(1) program with ASAN enabled. ERROR: AddressSanitizer: heap-buffer-overflow on address 0x... WRITE of size 8 at 0x60d00000cff8 thread T0 #1 0x443020 in extend_abbrs lib/time_rz.c:88 #2 0x443356 in save_abbr lib/time_rz.c:155 #3 0x44393f in localtime_rz lib/time_rz.c:290 #4 0x41e4fe in parse_datetime2 lib/parse-datetime.y:1798 A minimized reproducer is the following 120 byte TZ value, which goes beyond the value of ABBR_SIZE_MIN (119) on x86_64. Extend the aa...b portion to overwrite more of the heap. date -d $(printf 'TZ="aaa%020daaaaaab%089d"') localtime_rz and mktime_z were affected since commit 4bc76593. parse_datetime was affected since commit 4e6e16b3f. * lib/time_rz.c (save_abbr): Rearrange the calculation determining whether there is enough buffer space available. The rearrangement ensures we're only dealing with positive numbers, thus avoiding the problematic promotion of signed to unsigned causing an invalid comparison when zone_copy is more than ABBR_SIZE_MIN bytes beyond the start of the buffer. * tests/test-parse-datetime.c (main): Add a test case written by Paul Eggert, which overwrites enough of the heap so that standard glibc will fail with "free(): invalid pointer" without the patch applied. Reported and analyzed at https://bugzilla.redhat.com/1444774

a3fd683d

2017-01-01T02:59:23

version-etc: new year * build-aux/gendocs.sh (version): * doc/gendocs_template: * doc/gendocs_template_min: * doc/gnulib.texi: * lib/version-etc.c (COPYRIGHT_YEAR): Update copyright dates by hand in templates and the like. * all files: Run 'make update-copyright'.

4c32543a

2016-09-07T02:01:42

flexmember: port better to GCC + valgrind With a char[] flexible array member in a struct with nontrivial alignment, GCC-generated code can access past the end of the array, because GCC assumes there are padding bytes to get the struct aligned. So the common idiom of malloc (offsetof (struct s, m), n) does not properly allocate an n-byte trailing member, as malloc’s argument should be the next multiple of alignof (struct s). See GCC Bug#66661: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66661 Although C11 apparently permits this GCC optimization (i.e., there was a bug in Gnulib not in GCC), possibly this is a defect in C11. See the thread containing: https://gcc.gnu.org/ml/gcc-patches/2016-09/msg00317.html * lib/flexmember.h: New file. * lib/fnmatch.c, lib/fts.c, lib/glob.c, lib/idcache.c: * lib/localename.c, lib/time_rz.c: Include flexmember.h. * lib/fnmatch_loop.c (struct patternlist): * lib/localename.c (struct hash_node): Use FLEXIBLE_ARRAY_MEMBER. * lib/fnmatch_loop.c (EXT): * lib/fts.c (fts_alloc): * lib/glob.c (glob_in_dir): * lib/idcache.c (getuser, getuidbyname, getgroup, getgidbyname): * lib/localename.c (gl_lock_define_initialized): * lib/time_rz.c (tzalloc): Use FLEXSIZEOF instead of offsetof. * m4/flexmember.m4 (AC_C_FLEXIBLE_ARRAY_MEMBER): Check that the size of the struct can be taken. * modules/flexmember (Files): Add lib/flexmember.h. * modules/fnmatch, modules/glob, modules/localename (Depends-on): Add flexmember.

488c5828

2016-03-15T13:10:56

time_rz: port to clang -Wunused-const-variable * lib/time_rz.c (TZ): Remove. All uses removed.

71090a2a

2016-01-01T00:56:19

version-etc: new year * build-aux/gendocs.sh (version): * doc/gendocs_template: * doc/gendocs_template_min: * doc/gnulib.texi: * lib/version-etc.c (COPYRIGHT_YEAR): Update copyright dates by hand in templates and the like. * all files: Run 'make update-copyright'.

9180f79e

2015-10-20T23:16:52

time_rz: fix comment about tzalloc * lib/time_rz.c (tzalloc): Fix comment.

b0ac02e8

2015-10-18T10:24:37

time_rz: return NULL if localtime_r fails * lib/time_rz.c (localtime_rz): Return NULL if localtime_r fails, while still attempting to pacify bleeding-edge GCC.

0de3313d

2015-10-18T09:32:21

time_rz: avoid warning from bleeding-edge gcc's -Wnonnull Compiling with gcc version 6.0.0 20151017 (experimental) (GCC), I would see this: lib/time_rz.c: In function 'localtime_rz': lib/time_rz.c:292:15: error: nonnull argument 'tm' compared to NULL \ [-Werror=nonnull] if (tm && !save_abbr (tz, tm)) ^ That was complaining about "tm" because it is a parameter that was declared with the __nonnull__ attribute. * lib/time_rz.c (localtime_rz): Don't bother setting "tm" to the result of localtime_r.

9c70545f

2015-07-29T13:48:10

time_rz: port to pedantic memcpy * lib/time_rz.c (tzalloc): Pacify pedantic memcpy implementations that reject memcpy (..., NULL, 0).

d3bc6917

2015-07-27T16:41:17

time_rz: port better to MinGW Don't change tzname, as this makes MinGW dump core (Bug#21020). Instead, store the tzname copy in the struct tm_zone object. Problem reported by Eli Zaretskii in: http://bugs.gnu.org/21020#48 * lib/strftime.c [!_LIBC]: * lib/time_rz.c: Include time-internal.h. * lib/strftime.c (strftime_case_) [!HAVE_TM_ZONE]: Infer the zone name from *TZ rather than from TZNAME, doable because *TZ now has a tzname_copy member. * lib/time-internal.h: New file, with contents taken from lib/time_rz.c. It's separate because strftime.c now accesses struct tm_zone members. (struct tm_zone) [HAVE_TZNAME && !HAVE_TM_ZONE]: New member tzname_copy. * lib/time_rz.c (struct tm_zone): Move to time-internal.h. (tzalloc) [HAVE_TZNAME && !HAVE_TM_ZONE]: Initialize tzname_copy member. (save_abbr) [HAVE_TZNAME && !HAVE_TM_ZONE]: Save abbreviation in tzname_copy member. (revert_tz) [HAVE_TZNAME]: Remove no-longer-needed tzname saving. (restore_tzname): Remove; no longer needed. All calls removed. * modules/time_rz (Files): Add lib/time-internal.h.

5ed44b37

2015-07-25T15:20:10

time_rz: port to Solaris etc. Works around a tzname problem on platforms like Solaris that have tzname but not tm_zone, by setting tzname at the appropriate time and restoring it later. * lib/time_rz.c (tzname_address, tzname_value) [HAVE_TZNAME]: New static vars. (save_abbr) [HAVE_TZNAME]: Set them. (revert_tz) [HAVE_TZNAME]: Clear or use them. (restore_tzname): New function. (localtime_rz, mktime_z): Use it.

d3e697dd

2015-07-25T15:11:42

time_rz: make a constant 'const' * lib/time_rz.c (local_tz): Now const.

2134fd0a

2015-07-25T15:10:16

time_rz: fix off-by-one typo * lib/time_rz.c (extend_abbrs): Fix off-by-one typo.

4bc76593

2015-07-23T17:44:19

time_rz: new module * MODULES.html.sh: Add time_rz. * lib/time_rz.c, m4/time_rz.m4, modules/time_rz: New files. * lib/time.in.h (timezone_t, tzalloc, tzfree, localtime_rz, mktime_z): New decls if _GNU_SOURCE && @GNULIB_TIME_RZ@ && ! @HAVE_TIMEZONE_T@. * m4/sys_time_h.m4 (gl_HEADER_SYS_TIME_H_DEFAULTS): New var HAVE_TIMEZONE_T (default 0). * m4/time_h.m4 (gl_HEADER_TIME_H_DEFAULTS): New var GNULIB_TIME_RZ (default 0). * modules/time (time.h): Substitute the new vars.

kc3-lang/gnulib/lib/time_rz.c

lib/time_rz.c

Log