From patchwork Tue May 23 19:41:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joe Simmons-Talbott X-Patchwork-Id: 1785385 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=NNzaM+hD; dkim-atps=neutral Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQl7n46fVz20PY for ; Wed, 24 May 2023 05:41:57 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 28DFA385770A for ; Tue, 23 May 2023 19:41:55 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 28DFA385770A DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1684870915; bh=maA1+Wna3qJSRgKwqf+9CuBRJgi3HKwn7cT11H6JvWY=; h=To:Cc:Subject:Date:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=NNzaM+hDufnVmohqriHEGh8MQHAnq3c3NQ/QkVNfvHz/qXeNoH7ejVG3vrXL0qDPn /2YS+FUC8AJUd0ExO+O+bwwBv9jNIjQg26VADxgfHov+N+uH/hUYyL/wOFsWHpSdL9 Y1Y+9aqz/l1O86Y2Eujmb4If8W7uWv+7Xs3eAuMM= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 856B13858D35 for ; Tue, 23 May 2023 19:41:38 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 856B13858D35 Received: from mail-qv1-f72.google.com (mail-qv1-f72.google.com [209.85.219.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-613-zwli7fpDOt-8zyavSesg0w-1; Tue, 23 May 2023 15:41:37 -0400 X-MC-Unique: zwli7fpDOt-8zyavSesg0w-1 Received: by mail-qv1-f72.google.com with SMTP id 6a1803df08f44-6238dcbc30bso57076d6.1 for ; Tue, 23 May 2023 12:41:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684870896; x=1687462896; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=maA1+Wna3qJSRgKwqf+9CuBRJgi3HKwn7cT11H6JvWY=; b=KmLXTHtkUebdkl8Ko0LbKmcZLkohWE/9QhzTS3xn7P9zroF1KO9r+C9ahurbRz0etc EK0mmjyQB5cx7i6voz+lEQdjgJpIzJca2FtD2srtNWlD4Tzlir9D+X98+Rf5sJaYck9i 212bM4qMb2Isr4izHy3rElg6oV1KLwtqHfW3Dw20ddSPeZ7hJxdaxGoAb0UQFvClnRV+ dfvTMB78d1pC0AjU37YG2qKMWDvC+aFrDuhPTnFMQZMHd0+WEPPVEdlaLKZ7qwcGx8yj REKr2J35g2czRArU55dW9y1DCIl5gCWH1D5K0zSHhCAZuGr2ke3KBZY2Cdfhz8SapnRb rEbw== X-Gm-Message-State: AC+VfDweFqmZjGhFVSo2CqVKoNyNiIls8okdUTfK6OC7Oi8/hbtL1tho PWDAH/aYTJgn3NiKggF83bDcDQgllNX62zLzp0nuipkA4a+8kHuKFi9WV05Xjde83eUCSXe2qVn FcBuXIBC5F8LxBP3A5N08zZGA2t0IURq7gVaXfUHTwGA+35M+u81AICsRIMU98RWBTO92CZTac0 QqUcIa X-Received: by 2002:a05:6214:29c8:b0:61b:5daa:4b6 with SMTP id gh8-20020a05621429c800b0061b5daa04b6mr26030377qvb.15.1684870896231; Tue, 23 May 2023 12:41:36 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7SUqMJeRpnhgeFIOhDRNXCHFQt62fbwPgBa23rZ9dmMllOsMBBIQgAN75C3TEui8kG6725FA== X-Received: by 2002:a05:6214:29c8:b0:61b:5daa:4b6 with SMTP id gh8-20020a05621429c800b0061b5daa04b6mr26030350qvb.15.1684870895894; Tue, 23 May 2023 12:41:35 -0700 (PDT) Received: from oak.redhat.com (c-71-206-142-238.hsd1.va.comcast.net. [71.206.142.238]) by smtp.gmail.com with ESMTPSA id k5-20020ac81405000000b003ee4b5a2dd3sm2370780qtj.21.2023.05.23.12.41.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 23 May 2023 12:41:35 -0700 (PDT) To: libc-alpha@sourceware.org Cc: Joe Simmons-Talbott , Paul Eggert Subject: [PATCH v2] time: strftime_l: Avoid an unbounded alloca. Date: Tue, 23 May 2023 15:41:29 -0400 Message-Id: <20230523194129.1666953-1-josimmon@redhat.com> X-Mailer: git-send-email 2.40.0 MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-12.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Joe Simmons-Talbott via Libc-alpha From: Joe Simmons-Talbott Reply-To: Joe Simmons-Talbott Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Sender: "Libc-alpha" Avoid possible stack overflow by removing alloca() and converting to wide characters within the buffer. Suggested-by: Paul Eggert --- Changes to v1: * Fix elf/check_localplt failure for wmemmove time/strftime_l.c | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/time/strftime_l.c b/time/strftime_l.c index 402c6c4111..3901bd79da 100644 --- a/time/strftime_l.c +++ b/time/strftime_l.c @@ -267,15 +267,6 @@ static const CHAR_T zeroes[16] = /* "0000000000000000" */ # undef __mbsrtowcs_l # define __mbsrtowcs_l(d, s, l, st, loc) __mbsrtowcs (d, s, l, st) # endif -# define widen(os, ws, l) \ - { \ - mbstate_t __st; \ - const char *__s = os; \ - memset (&__st, '\0', sizeof (__st)); \ - l = __mbsrtowcs_l (NULL, &__s, 0, &__st, loc); \ - ws = alloca ((l + 1) * sizeof (wchar_t)); \ - (void) __mbsrtowcs_l (ws, &__s, l, &__st, loc); \ - } #endif @@ -1342,11 +1333,31 @@ __strftime_internal (CHAR_T *s, size_t maxsize, const CHAR_T *format, #ifdef COMPILE_WIDE { /* The zone string is always given in multibyte form. We have - to transform it first. */ - wchar_t *wczone; - size_t len; - widen (zone, wczone, len); - cpy (len, wczone); + to convert it to wide character. */ + size_t w = pad == L_('-') || width < 0 ? 0 : width; + char const *z = zone; + mbstate_t st = {0}; + size_t len = __mbsrtowcs_l (p, &z, maxsize - i, &st, loc); + if (len == (size_t) -1) + return 0; + size_t incr = len < w ? w : len; + if (incr >= maxsize - i) + { + errno = ERANGE; + return 0; + } + if (p) + { + if (len < w) + { + size_t delta = w - len; + __wmemmove (p + delta, p, len); + wchar_t wc = pad == L_('0') || pad == L_('+') ? L'0' : L' '; + wmemset (p, wc, delta); + } + p += incr; + } + i += incr; } #else cpy (strlen (zone), zone);