| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=LBxt1ZBqB/E359JW4yovptAuMxfI0zqdTNktgkZ3pbad0tIIMsc71 | |
| fSPnRpRf9k0zf77cmy7uP6siPaj1y0PQ+waHfi4aQrc4/wY/9j3DCjwIRXgunmgk | |
| pu3qhFfobZtHQcgta3kJkb3rvvP2in1HeUlOc4/8SjVYs+h7RKyx/g= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=JxoNYtp2yw0xB3XnBwgRZSAhvJ0=; b=fD6L4bJUL4k313AX472I5DhWN5HO | |
| MP31aAN2LnuIL5DurfFB+m9+jmvlfYBEQqTmJ/e0B1sDqWacvoY/ruTBE55aNakV | |
| ieMuXYCD863A0cVHPV1KLeW8Sx9D7CqY5humJbEsItdEFtl8NJSZj5FQ0ECHZMHR | |
| OL4/agP2koqXk7c= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.4 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Mon, 3 Aug 2015 10:36:34 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Seg Fault in strftime |
| Message-ID: | <20150803083634.GE17917@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <CAOC2fq9A1DSjy=7Af=wVCkNEsttpd4Fj-0w_nNwnSb76WFt5WA AT mail DOT gmail DOT com> <loom DOT 20150801T233913-448 AT post DOT gmane DOT org> <CAOC2fq9Uv77EuBDBP=Eywht4DqmZZm05WPhnp4dU1V7cD+CE_g AT mail DOT gmail DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <CAOC2fq9Uv77EuBDBP=Eywht4DqmZZm05WPhnp4dU1V7cD+CE_g@mail.gmail.com> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--BwCQnh7xodEAoBMC
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Aug 1 18:47, Michael Enright wrote:
> On Sat, Aug 1, 2015 at 2:47 PM, Brian Inglis wrote:
> > Two problems I have encountered in the past with manually constructed s=
truct tm:
> > - failing to set struct tm.tm_isdst member to -1, or any negative value=
, so
> > that mktime(3) will determine whether DST is in effect, and set the str=
uct
> > tm.tzname array from the tzdb
>=20
> The code calls strftime after setting tm_isdst from its own struct's
> corresponding flag.
>=20
> > - failing to call mktime(3) for each struct tm variable to normalize the
> > struct tm members, determine if DST is in effect if struct tm.tm_isdst
> > member is -1, and set the struct tm.tzname array from the tzdb.
> > Check back in the code to see if struct tm.tm_isdst is set and to what
> > value, and if mktime(3) is called on each struct tm after it is filled.
>=20
> The code doesn't call mktime at all.
> >
> > - failing to call mktime()
> >
>=20
> See above.
>=20
> There is a section of the code that I believe is meant to be
> configured in but it is not. This code calls localtime_r with a time_t
> of zero and copies the resulting tm_gmtoff and tm_zone into the struct
> tm that the routine will call strftime on. This code starts at line
> 621, http://hg.mozilla.org/releases/mozilla-1.9.1/file/920bcf17a9e1/js/sr=
c/prmjtime.cpp#l621
> to jump to that line.
>=20
> The things you advocate doing are super-responsible things to do. I
> have a huge investment in using this particular library and now I'm
> twisting in the wind because someone else appears not to have done all
> the super responsible things they should have done.
>=20
> I have found there is tons of code out there manually filling in
> struct tm's and then filing bugs in glibc (not just newlib problem)
> when things go wrong. And then without even the courtesy of a citation
> of a spec these bugs are resolved WONTFIX because these upstreams
> believe they have the right to insist that struct tm's should NEVER
> manually be filled in and why would you do it anyway. I think the
> minimum struct members specified on POSIX should be considered the API
> to any function that reads struct tm, not because POSIX says so but
> because it is the way to keep machines from getting pwned through
> crash bugs.
The core thingy in POSIX is "The <time.h> header shall declare the tm
structure, which shall include at least the following members:"
^^^^^^^^
A conforming application does not use such a structure which isn't
*at least* initialized to all 0 (memset).
The Cygwin implementation is basically equivalent here to the Glibc
implementation. For the reason why doing that is the right thing,
see https://sourceware.org/ml/newlib/2015/msg00008.html
If your executable has been built prior to releasing this new code,
Cygwin won't require tm_zone and tm_gmtoff anyway. However, for later
built executables it will, and then there's no way around the crash
if tm_zone is uninitialized. If it's NULL, you'll get the current
timezone. But if it's not NULL it's suppsoed to be a pointer to
a valid string. How is a library supposed to know that the pointer
value is just garbage?
Therefore, if you (or the code you have to maintain) wants to fill out
struct tm manually, fine, just make sure to memset it beforehand. In
that case you can be sure that both, glibc and newlib/Cygwin, will
not crash.
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--BwCQnh7xodEAoBMC
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJVvygSAAoJEPU2Bp2uRE+gN2MQAJIkg3YW/jh/m7U8DoVtcdjB
It7ijxwBpmubv9ZqTWksVJsApxdUjbnNmkaBjz8af9H+AM6IE5r9A5ONeTZ+Mg5b
b5QbpEEwRoAWfocdA3kHOdfFuG3UDsfmHPquCFY/48SwsPsml1kXXM3zx+vLVKkv
KAkhcsfoGO2ncgWCFkXLus28yxLVBxnP9QWeBglg/ukI+NgAmiMhZX0ErTPPCA7f
MvedcbZk4a4T+A/6+QGljvaQ2Fw0qzNznbdVB3aM6XU1pCyF/Fk6wO5jNHGr4do7
SDknNiZxpyCLDA2Z38JA9jcYdVSgARPqbV6uzjq8n9xpMVV1oQTu2OftwOD5FJNv
6pySpgXm6OB7ka4ZVGDQDR7p0D5VKiY4XlnsYHztvfksUv71BDBYEX9IfThVexpZ
0V5J6qf2gkjHaZZJwQb4eu9QD/73fTDEpddtNERhqup1SueuH7bfGFr2LrRAUxLK
uE8w/aUy+ANaGCpDd2Yy812T4ucPFdjkPfCL2EQOWYI6L75nmvFeRHsJ8/07bOTE
IDrHpr6B0ufLjQWaa4ehYtDzK38aZ49rkKZbka0BGHW8cxOtiXwroluqTSFN/D6s
BjbGCREIU7yqggkw/lGYk+oYJCaI8APMRD5ldJ6K4xy4a6F1BLXt/Iw/Rt24ggPN
X+RLETwvex1Re9yMtKYd
=4rs3
-----END PGP SIGNATURE-----
--BwCQnh7xodEAoBMC--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |