diff options
author | Paul Eggert <eggert@cs.ucla.edu> | 2011-08-29 08:53:21 -0700 |
---|---|---|
committer | Paul Eggert <eggert@cs.ucla.edu> | 2011-08-29 08:53:21 -0700 |
commit | 33ef5c64373c744c6ce4329fe021c3eb729aeee4 (patch) | |
tree | a776eaca91418d9380cb1d6e004dd0dbf2868df2 | |
parent | 9d1df220c5484374901f8edff05e41bb575c0c77 (diff) |
* editfns.c (Fcurrent_time_zone): Don't overrun buffer
even if the time zone offset is outlandishly large.
Don't mishandle offset == INT_MIN.
-rw-r--r-- | src/ChangeLog | 4 | ||||
-rw-r--r-- | src/editfns.c | 5 |
2 files changed, 7 insertions, 2 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index 4336d6a6b8..afd78a46c6 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -26,6 +26,10 @@ * dispnew.c (add_window_display_history): Don't overrun buffer. Truncate instead; this is OK since it's just a log. + * editfns.c (Fcurrent_time_zone): Don't overrun buffer + even if the time zone offset is outlandishly large. + Don't mishandle offset == INT_MIN. + 2011-08-26 Paul Eggert <eggert@cs.ucla.edu> Integer and memory overflow issues (Bug#9196). diff --git a/src/editfns.c b/src/editfns.c index 6759016766..580298c6e7 100644 --- a/src/editfns.c +++ b/src/editfns.c @@ -2014,7 +2014,7 @@ the data it can't find. */) { int offset = tm_diff (t, &gmt); char *s = 0; - char buf[6]; + char buf[sizeof "+00" + INT_STRLEN_BOUND (int)]; #ifdef HAVE_TM_ZONE if (t->tm_zone) @@ -2029,7 +2029,8 @@ the data it can't find. */) if (!s) { /* No local time zone name is available; use "+-NNNN" instead. */ - int am = (offset < 0 ? -offset : offset) / 60; + int m = offset / 60; + int am = offset < 0 ? - m : m; sprintf (buf, "%c%02d%02d", (offset < 0 ? '-' : '+'), am/60, am%60); s = buf; } |