Bug#162917: libc6: strftime crashes with invalid input

[Ben Collins <bcollins@debian.org>]

On Tue, Oct 01, 2002 at 09:05:12AM +1000, Hamish Moffatt wrote:
> Package: libc6
> Version: 2.2.5-14.3
> Severity: normal
> 
> strftime() causes a segmentation fault if some of the values in the tm
> argument are outside of its expected range. Here is a sample program:

Lots of things segfault on unexpected data. Why should this be any
different? SUSv2 specifies the expected ranges for struct tm:

 int    tm_sec   seconds [0,61]
 int    tm_min   minutes [0,59]
 int    tm_hour  hour [0,23]
 int    tm_mday  day of month [1,31]
 int    tm_mon   month of year [0,11]
 int    tm_year  years since 1900
 int    tm_wday  day of week [0,6] (Sunday = 0)
 int    tm_yday  day of year [0,365]
 int    tm_isdst daylight savings flag

Anything else is obviously undefined. Since SUSv2 defines the range on
the input parameters, it should not be expected that that all functions
using struct tm should have to verify all members of struct tm fit into
the range. That is the job of the caller.

Unless you can provide statements to the contrary, I'll close this bug.

-- 
Debian     - http://www.debian.org/
Linux 1394 - http://www.linux1394.org/
Subversion - http://subversion.tigris.org/
Deqo       - http://www.deqo.com/