stdcxx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Sebor <se...@roguewave.com>
Subject Re: [PATCH] STDCXX-749 [HP aCC 6.16] Potential null pointer dereference in time.cpp
Date Thu, 20 Mar 2008 17:50:15 GMT
This will silence the warnings but I think we might be able to do
better than simply returning from the function. It seems to me,
based on the LC_TIME Locale Definition in POSIX (see below) that
when strtok() returns 0 in the cases below it indicates invalid
input. I think we should diagnose it as such, and either provide
reasonable defaults when it makes sense or fail with an error.
I've updated STDCXX-749 with a test case for the problem.

http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap07.html#tag_07_03_05_01

Martin

Scott Zhong wrote:
> Index: time.cpp
> ===================================================================
> --- time.cpp    (revision 634377)
> +++ time.cpp    (working copy)
> @@ -67,12 +67,16 @@
>  
>      // now get the offset
>      tokp = std::strtok (0, ":");
> +    if (NULL == tokp)
> +        return;
>      std::sscanf (tokp, "%d", &tmp_era.era_out.offset);
>      if (direction == '-')
>          tmp_era.era_out.offset *= -1;
>      
>      // now get the start date
>      tokp = std::strtok (0, ":");
> +    if (NULL == tokp)
> +        return;
>      unsigned int tmp_mon, tmp_day;
>      std::sscanf (tokp, "%d/%u/%u", &tmp_era.era_out.year[0], 
>                   &tmp_mon, &tmp_day);
> @@ -83,6 +87,8 @@
>  
>      // now get the end date (this may be the beginning or end of time
>      tokp = std::strtok (0, ":");
> +    if (NULL == tokp)
> +        return;
>      if (std::strcmp (tokp, "-*") == 0) {
>          tmp_era.era_out.year[1] = _RWSTD_INT_MIN;
>          tmp_era.era_out.month[1] = _RWSTD_CHAR_MIN;
> 


Mime
View raw message