Patch 9.0.0733

[Bram Moolenaar]

Patch 9.0.0733
Problem: Use of strftime() is not safe.
Solution: Check the return value of strftime(). Use a larger buffer and
correctly pass the available space. (Dominique Pellé, closes
#11348)
Files: src/time.c


*** ../vim-9.0.0732/src/time.c 2022-10-07 11:20:24.034352636 +0100
--- src/time.c 2022-10-12 13:30:01.530292365 +0100
***************
*** 82,88 ****
char *
get_ctime(time_t thetime, int add_newline)
{
! static char buf[50];
#ifdef HAVE_STRFTIME
struct tm tmval;
struct tm *curtime;
--- 82,88 ----
char *
get_ctime(time_t thetime, int add_newline)
{
! static char buf[100]; // hopefully enough for every language
#ifdef HAVE_STRFTIME
struct tm tmval;
struct tm *curtime;
***************
*** 90,101 ****
curtime = vim_localtime(&thetime, &tmval);
// MSVC returns NULL for an invalid value of seconds.
if (curtime == NULL)
! vim_strncpy((char_u *)buf, (char_u *)_("(Invalid)"), sizeof(buf) - 1);
else
{
// xgettext:no-c-format
! (void)strftime(buf, sizeof(buf) - 1, _("%a %b %d %H:%M:%S %Y"),
! curtime);
# ifdef MSWIN
if (enc_codepage >= 0 && (int)GetACP() != enc_codepage)
{
--- 90,109 ----
curtime = vim_localtime(&thetime, &tmval);
// MSVC returns NULL for an invalid value of seconds.
if (curtime == NULL)
! vim_strncpy((char_u *)buf, (char_u *)_("(Invalid)"), sizeof(buf) - 2);
else
{
// xgettext:no-c-format
! if (strftime(buf, sizeof(buf) - 2, _("%a %b %d %H:%M:%S %Y"), curtime)
! == 0)
! {
! // Quoting "man strftime":
! // > If the length of the result string (including the terminating
! // > null byte) would exceed max bytes, then strftime() returns 0,
! // > and the contents of the array are undefined.
! vim_strncpy((char_u *)buf, (char_u *)_("(Invalid)"),
! sizeof(buf) - 2);
! }
# ifdef MSWIN
if (enc_codepage >= 0 && (int)GetACP() != enc_codepage)
{
***************
*** 105,111 ****
acp_to_enc((char_u *)buf, (int)strlen(buf), &to_free, &len);
if (to_free != NULL)
{
! STRCPY(buf, to_free);
vim_free(to_free);
}
}
--- 113,119 ----
acp_to_enc((char_u *)buf, (int)strlen(buf), &to_free, &len);
if (to_free != NULL)
{
! STRNCPY(buf, to_free, sizeof(buf) - 2);
vim_free(to_free);
}
}
***************
*** 318,327 ****
convert_setup(&conv, p_enc, enc);
if (conv.vc_type != CONV_NONE)
p = string_convert(&conv, p, NULL);
! if (p != NULL)
! (void)strftime((char *)result_buf, sizeof(result_buf),
! (char *)p, curtime);
! else
result_buf[0] = NUL;

if (conv.vc_type != CONV_NONE)
--- 326,333 ----
convert_setup(&conv, p_enc, enc);
if (conv.vc_type != CONV_NONE)
p = string_convert(&conv, p, NULL);
! if (p == NULL || strftime((char *)result_buf, sizeof(result_buf),
! (char *)p, curtime) == 0)
result_buf[0] = NUL;

if (conv.vc_type != CONV_NONE)
***************
*** 1117,1132 ****
#ifdef HAVE_STRFTIME
struct tm tmval;
struct tm *curtime;

if (vim_time() - tt >= 100)
{
curtime = vim_localtime(&tt, &tmval);
if (vim_time() - tt < (60L * 60L * 12L))
// within 12 hours
! (void)strftime((char *)buf, buflen, "%H:%M:%S", curtime);
else
// longer ago
! (void)strftime((char *)buf, buflen, "%Y/%m/%d %H:%M:%S", curtime);
}
else
#endif
--- 1123,1141 ----
#ifdef HAVE_STRFTIME
struct tm tmval;
struct tm *curtime;
+ int n;

if (vim_time() - tt >= 100)
{
curtime = vim_localtime(&tt, &tmval);
if (vim_time() - tt < (60L * 60L * 12L))
// within 12 hours
! n = strftime((char *)buf, buflen, "%H:%M:%S", curtime);
else
// longer ago
! n = strftime((char *)buf, buflen, "%Y/%m/%d %H:%M:%S", curtime);
! if (n == 0)
! buf[0] = NUL;
}
else
#endif
*** ../vim-9.0.0732/src/version.c 2022-10-12 12:58:50.385618448 +0100
--- src/version.c 2022-10-12 13:28:40.030510098 +0100
***************
*** 701,702 ****
--- 701,704 ----
{ /* Add new patch number below this line */
+ /**/
+ 733,
/**/

--
-rwxr-xr-x 1 root 24 Oct 29 1929 /bin/ed
-rwxr-xr-t 4 root 131720 Jan 1 1970 /usr/ucb/vi
-rwxr-xr-x 1 root 5.89824e37 Oct 22 1990 /usr/bin/emacs

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///