Mail Archives: cygwin/2015/07/31/20:47:18

X-Recipient: archive-cygwin AT delorie DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2
X-HELO: mail-la0-f53.google.com
MIME-Version: 1.0
X-Received: by 10.112.202.234 with SMTP id kl10mr6138272lbc.51.1438390020650; Fri, 31 Jul 2015 17:47:00 -0700 (PDT)
In-Reply-To: <55BB6F59.8060905@dronecode.org.uk>
References: <CAOC2fq9A1DSjy=7Af=wVCkNEsttpd4Fj-0w_nNwnSb76WFt5WA AT mail DOT gmail DOT com> <55BB6F59 DOT 8060905 AT dronecode DOT org DOT uk>
Date: Fri, 31 Jul 2015 17:47:00 -0700
Message-ID: <CAOC2fq97RZEi6PW98st7AvnYmo4N=m7xbYbp5_8HMagQFoZsnQ@mail.gmail.com>
Subject: Re: Seg Fault in strftime
From: Michael Enright <mike AT kmcardiff DOT com>
To: cygwin AT cygwin DOT com
X-IsSubscribed: yes

On Fri, Jul 31, 2015 at 5:51 AM, Jon TURNEY wrote:
> It would be very helpful if you could tweak the testcase there and produce
> one which reproduces your problem.
>
> [1]
> https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;a=commitdiff;h=75d5f68aabf62c42884ff935f888b12bbcd00001
> [2] https://sourceware.org/ml/newlib/2015/msg00321.html
>
I took one more shot at reproduction and I think the problem is that
if code does a member-by-member initialization based on the fields
defined by POSIX, it is likely that tm_zone won't be initialized and
it could end up with a really bad value. Then strftime is likely to
dereference it.

You can improve the likelihood of a crash by filling a struct tm with
0x54, like I did, but random circumstances could also effectively
cause the same thing.

We could implore the local Cygwin maintainer of mozjs to make sure
that the code I mentioned earlier in that library zeros the struct tm,
but there is only defensive programming recommending that, not a
specification. And there could be other libraries or applications
already tripping over this but not yet spending time on investigating
it.

If I took the time to think it through I think the additional logic
for handling a NULL tm_zone is not necessarily the cause of the
regression I'm facing, because the code I'm using through mozjs was
not setting that field to NULL in the first place.

I'm going to be away from the machines where I have this code at hand
for the next two weeks, reading email but not equipped to do anything
complicated about it.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
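
The failure mode discussed in the message above, as an added C example (not part of the original post and not code from newlib, Cygwin or mozjs): it poisons a `struct tm` with 0x54, assigns only the nine POSIX members, and counts the bytes that initialization never wrote, then shows the zero-first pattern next to it. The function names and the date values are constructed for illustration; it assumes that `%Z` is the conversion for which the C library consults the zone member and that the library tolerates a NULL zone pointer, as the NULL handling mentioned in the thread suggests.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define POISON 0x54  /* same fill byte the message mentions */

/* Assign only the nine members POSIX defines; any extension members the
   C library adds to struct tm (and any padding) are left untouched. */
static void set_posix_fields(struct tm *t)
{
    t->tm_year = 2015 - 1900;  t->tm_mon = 6;    t->tm_mday = 31;
    t->tm_hour = 17;           t->tm_min = 47;   t->tm_sec = 0;
    t->tm_wday = 5;            t->tm_yday = 211; t->tm_isdst = 0;
}

/* Risky pattern: count the bytes of a poisoned struct tm that still hold
   the poison after member-by-member initialization. */
size_t stale_bytes_after_fieldwise_init(void)
{
    struct tm t;
    const unsigned char *p = (const unsigned char *)&t;
    size_t i, stale = 0;
    memset(&t, POISON, sizeof t);
    set_posix_fields(&t);
    for (i = 0; i < sizeof t; i++)
        if (p[i] == POISON)
            stale++;
    return stale;  /* t is never handed to strftime in this state */
}

/* Defensive pattern: zero the whole struct first, so an extension pointer
   is NULL rather than leftover garbage, then fill in the POSIX members. */
size_t format_zeroed_tm(char *buf, size_t len)
{
    struct tm t;
    memset(&t, 0, sizeof t);
    set_posix_fields(&t);
    return strftime(buf, len, "%Y-%m-%d %H:%M:%S %Z", &t);
}

int main(void)
{
    char buf[64];
    printf("stale bytes after field-wise init: %zu\n", stale_bytes_after_fieldwise_init());
    if (format_zeroed_tm(buf, sizeof buf))
        printf("zeroed first: %s\n", buf);
    return 0;
}
```

A non-zero stale count means the platform's `struct tm` has storage beyond the POSIX members, which is exactly what field-wise initialization leaves undefined.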
