From ce7bf999f7a311e66ccfd92e1e6906668d94eefa Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Sat, 14 Jun 2014 23:19:23 -0700 Subject: [PATCH] Fix stack buffer overrun in mktime and similar functions. * localtime.c (time1): Declare 'types' array to have TZ_MAX_TIMES entries, not TZ_MAX_TYPES entries. * NEWS: Document this. --- NEWS | 4 ++++ localtime.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 4ceddbe..ee48de9 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,10 @@ Unreleased, experimental changes Finland's 1942 fall-back transition was October 4 at 01:00, not October 3 at 00:00. (Thanks to Konstantin Hyppönen.) + Changes affecting code + + A stack-overrun bug has been fixed in 'mktime' and similar functions. + Changes affecting commentary Commentary now uses UTF-8 instead of US-ASCII, allowing the use of diff --git a/localtime.c b/localtime.c index ff07c70..5eecdc1 100644 --- a/localtime.c +++ b/localtime.c @@ -1868,7 +1868,7 @@ time1(struct tm *const tmp, register int i; register int nseen; int seen[TZ_MAX_TYPES]; - int types[TZ_MAX_TYPES]; + int types[TZ_MAX_TIMES]; int okay; if (tmp == NULL) {