Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20140420033536.GW26358@brightrain.aerifal.cx>
Date: Sat, 19 Apr 2014 23:35:36 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Re: asctime(0) Segmentation fault

On Sat, Apr 19, 2014 at 11:33:06PM -0400, John Mudd wrote:
> Yes, asctime(0) might be my bad assumption.
> 
> Does this help?
> 
> (gdb) backtrace
> #0  a_crash () at ./arch/i386/atomic.h:124
> #1  0xb7fc735b in __asctime (tm=0xbfffde64, buf=0xb7fff288 <buf.1032> "Mon
> Jan  1 00:00:00 12345") at src/time/__asctime.c:26
> #2  0xb7fc91d7 in asctime (tm=tm@...ry=0xbfffde64) at src/time/asctime.c:8
> #3  0xb7c89709 in time_asctime (self=0x0, args=0xb7d05bcc) at
> /home/mudd/musl/Python-2.7.6/Modules/timemodule.c:574
> #4  0xb7e1989d in PyCFunction_Call (func=func@...ry=0xb7d056cc,
> arg=arg@...ry=0xb7d05bcc, kw=kw@...ry=0x0) at Objects/methodobject.c:81

Yes. musl's asctime is intentionally crashing when the resulting
string would be >26 bytes rather than silently clobbering whatever
memory lies just beyond the end of the static buffer.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.