This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH v3] tzset robustness [BZ#17715]


Florian Weimer wrote:
+  /* POSIX time zone specifiers are much shorter than 256 characters.  */
+  char tzbuf[256];

This part (and the other parts that assume at most 256 for TZ length) do not look correct to me. The only limit that POSIX places on TZ length is ARG_MAX bytes (which must be at least 4096 bytes), so the following shell command conforms to POSIX as far as I can see:

$ TZ=PST00000000000000000000000000000000000000000000000000000000000000000000000\
0000000000000000000000000000000000000000000000000000000000000000000000000000000\
0000000000000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000008 date
Mon Feb 16 11:47:31 PST 2015

This shell command works in current glibc, as well as on Solaris.

POSIX does allow the implementation to impose a limit of TZNAME_MAX bytes on a time zone abbreviation like "PST". If the intent is to start imposing a limit such as 255 in glibc to avoid denial-of-service issues, any such limit should be done consistently and correctly, e.g., sysconf (TZNAME_MAX) should return 255.

For what it's worth, the public-domain tz code limits itself to at most 255 bytes in a time zone abbreviation taken from the TZ environment variable, and to at most 50 bytes in a time zone abbreviation stored in a tz binary file.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]