From dev-return-7097-apmail-stdcxx-dev-archive=stdcxx.apache.org@stdcxx.apache.org Thu Mar 20 17:50:51 2008
Return-Path: <dev-return-7097-apmail-stdcxx-dev-archive=stdcxx.apache.org@stdcxx.apache.org>
Delivered-To: apmail-stdcxx-dev-archive@www.apache.org
Received: (qmail 29392 invoked from network); 20 Mar 2008 17:50:51 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 20 Mar 2008 17:50:51 -0000
Received: (qmail 1201 invoked by uid 500); 20 Mar 2008 17:50:49 -0000
Delivered-To: apmail-stdcxx-dev-archive@stdcxx.apache.org
Received: (qmail 1183 invoked by uid 500); 20 Mar 2008 17:50:49 -0000
Mailing-List: contact dev-help@stdcxx.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@stdcxx.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@stdcxx.apache.org>
List-Post: <mailto:dev@stdcxx.apache.org>
List-Id: <dev.stdcxx.apache.org>
Reply-To: dev@stdcxx.apache.org
Delivered-To: mailing list dev@stdcxx.apache.org
Received: (qmail 1174 invoked by uid 99); 20 Mar 2008 17:50:49 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Mar 2008 10:50:49 -0700
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of msebor@gmail.com designates 209.85.200.175 as permitted sender)
Received: from [209.85.200.175] (HELO wf-out-1314.google.com) (209.85.200.175)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Mar 2008 17:50:08 +0000
Received: by wf-out-1314.google.com with SMTP id 27so1130751wfd.2
        for <dev@stdcxx.apache.org>; Thu, 20 Mar 2008 10:50:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:organization:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding:sender;
        bh=pB5lgSLarMAqHBcSXSWIbREqeAErIwfxCSIFBZxLlRI=;
        b=hfNMdgJ878FFMnumeO/1Qk35AUS9WePfkERgZUuUUiUXZJfWwus6oL5AhGBKxIVDuv+SvDFkdgDM0BRiM4jtaRph7kEOFaDthW3pQMUzXjQgSOLoqJhsSZ2bz8O6b9UNRf4qjUWuXhfZbrKm/ifCaWMmRLcPLenRf6/F6AP52i4=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=message-id:date:from:organization:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding:sender;
        b=YEQEq3wI2xhiWGC/F4Dg2ZBCzdqx9Kla/idd2babFC7kvTjfFnDox2v4fD+1odLV2/gTE7WUtn9Hd7It3h0vt9G6ANqJhL8VBFyxcMZKpnfRXI8a0hobPGGdJCyqsSwSQylH9e8yvA5Sh/y9tSNTVp+l+ZQvZt0OAUVv5HLn+5I=
Received: by 10.142.144.16 with SMTP id r16mr1556230wfd.97.1206035419320;
        Thu, 20 Mar 2008 10:50:19 -0700 (PDT)
Received: from localhost.localdomain ( [71.229.200.170])
        by mx.google.com with ESMTPS id 9sm4181091wfc.16.2008.03.20.10.50.17
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Thu, 20 Mar 2008 10:50:17 -0700 (PDT)
Message-ID: <47E2A3D7.2010507@roguewave.com>
Date: Thu, 20 Mar 2008 11:50:15 -0600
From: Martin Sebor <sebor@roguewave.com>
Organization: Rogue Wave Software, Inc.
User-Agent: Thunderbird 2.0.0.12 (X11/20080226)
MIME-Version: 1.0
To: dev@stdcxx.apache.org
Subject: Re: [PATCH] STDCXX-749 [HP aCC 6.16] Potential null pointer dereference
 in time.cpp
References: <CFFDD219128FD94FB4F92B99F52D0A499A2BCC@exchmail01.Blue.Roguewave.Com>
In-Reply-To: <CFFDD219128FD94FB4F92B99F52D0A499A2BCC@exchmail01.Blue.Roguewave.Com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Sender: Martin Sebor <msebor@gmail.com>
X-Virus-Checked: Checked by ClamAV on apache.org

This will silence the warnings but I think we might be able to do
better than simply returning from the function. It seems to me,
based on the LC_TIME Locale Definition in POSIX (see below) that
when strtok() returns 0 in the cases below it indicates invalid
input. I think we should diagnose it as such, and either provide
reasonable defaults when it makes sense or fail with an error.
I've updated STDCXX-749 with a test case for the problem.

http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap07.html#tag_07_03_05_01

Martin

Scott Zhong wrote:
> Index: time.cpp
> ===================================================================
> --- time.cpp    (revision 634377)
> +++ time.cpp    (working copy)
> @@ -67,12 +67,16 @@
>  
>      // now get the offset
>      tokp = std::strtok (0, ":");
> +    if (NULL == tokp)
> +        return;
>      std::sscanf (tokp, "%d", &tmp_era.era_out.offset);
>      if (direction == '-')
>          tmp_era.era_out.offset *= -1;
>      
>      // now get the start date
>      tokp = std::strtok (0, ":");
> +    if (NULL == tokp)
> +        return;
>      unsigned int tmp_mon, tmp_day;
>      std::sscanf (tokp, "%d/%u/%u", &tmp_era.era_out.year[0], 
>                   &tmp_mon, &tmp_day);
> @@ -83,6 +87,8 @@
>  
>      // now get the end date (this may be the beginning or end of time
>      tokp = std::strtok (0, ":");
> +    if (NULL == tokp)
> +        return;
>      if (std::strcmp (tokp, "-*") == 0) {
>          tmp_era.era_out.year[1] = _RWSTD_INT_MIN;
>          tmp_era.era_out.month[1] = _RWSTD_CHAR_MIN;
>