首頁 探索 說明
登入
hongwenjun
/
musl
镜像来自 https://git.musl-libc.org/git/musl
1
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

perform minimal sanity checks on zoneinfo files loaded via TZ variable

previously, setting TZ to the pathname of a file which was not a valid
zoneinfo file would usually cause programs using local time zone based
operations to crash. the new code checks the file size and magic at
the beginning of the file, which seems sufficient to prevent
accidental misconfiguration from causing crashes. attempting to make
fully-robust validation would be futile unless we wanted to drop use
of mmap (shared zoneinfo) and instead read it into a local buffer,
since such validation would be subject to race conditions with
modification of the file.
Rich Felker 11 年之前
父節點
0f2315b4af
當前提交
c3d9d172b1
共有 1 個文件被更改,包括 5 次插入0 次删除
分割檢視 顯示文件統計
  1. 5 0
      src/time/__tz.c

+ 5 - 0
src/time/__tz.c
查看文件 

@@ -168,6 +168,11 @@ static void do_tzset()
 
 		}
 
 		if (!map) s = __gmt;
 
 	}
 
+	if (map && (map_size < 44 || memcmp(map, "TZif", 4))) {
 
+		__munmap((void *)map, map_size);
 
+		map = 0;
 
+		s = __gmt;
 
+	}
 
 
 	zi = map;
 
 	if (map) {