Bug 1227497, Function PR_LocalTimeParameters from nsprpub/pr/src/misc/prtime.c can create variable localTime with garbage content, r=wtc
authorKai Engert <kaie@kuix.de>
Wed, 08 Mar 2017 12:30:28 +0100
changeset 4708 bdc2f42edf03e1bec3e52026a40a9c84467e9499
parent 4707 2f1bfbcc79baac751f8bd83a9f799f33366b8d3a
child 4709 b8ceb5cab1b2d6bc9dc188e9b2804fc6d6234bb1
push id232
push userkaie@kuix.de
push dateWed, 08 Mar 2017 11:31:37 +0000
reviewerswtc
bugs1227497
Bug 1227497, Function PR_LocalTimeParameters from nsprpub/pr/src/misc/prtime.c can create variable localTime with garbage content, r=wtc
pr/src/misc/prtime.c
--- a/pr/src/misc/prtime.c
+++ b/pr/src/misc/prtime.c
@@ -589,16 +589,17 @@ void _PR_CleanupTime(void)
 #if defined(XP_UNIX) || defined(XP_PC) || defined(XP_BEOS)
 
 PR_IMPLEMENT(PRTimeParameters)
 PR_LocalTimeParameters(const PRExplodedTime *gmt)
 {
 
     PRTimeParameters retVal;
     struct tm localTime;
+    struct tm *localTimeResult;
     time_t secs;
     PRTime secs64;
     PRInt64 usecPerSec;
     PRInt64 usecPerSec_1;
     PRInt64 maxInt32;
     PRInt64 minInt32;
     PRInt32 dayOffset;
     PRInt32 offset2Jan1970;
@@ -615,17 +616,22 @@ PR_LocalTimeParameters(const PRExplodedT
      * Caveat: the validity of this calculation depends on two
      * assumptions:
      * 1. Daylight saving time was not in effect on Jan. 2, 1970.
      * 2. The time zone of the geographic location has not changed
      *    since Jan. 2, 1970.
      */
 
     secs = 86400L;
-    (void) MT_safe_localtime(&secs, &localTime);
+    localTimeResult = MT_safe_localtime(&secs, &localTime);
+    PR_ASSERT(localTimeResult != NULL);
+    if (localTimeResult == NULL) {
+        /* Shouldn't happen. Use safe fallback for optimized builds. */
+        return PR_GMTParameters(gmt);
+    }
 
     /* GMT is 00:00:00, 2nd of Jan. */
 
     offset2Jan1970 = (PRInt32)localTime.tm_sec 
             + 60L * (PRInt32)localTime.tm_min
             + 3600L * (PRInt32)localTime.tm_hour
             + 86400L * (PRInt32)((PRInt32)localTime.tm_mday - 2L);
 
@@ -966,16 +972,17 @@ PR_ParseTimeStringToExplodedTime(
   TIME_TOKEN zone = TT_UNKNOWN;
   int zone_offset = -1;
   int dst_offset = 0;
   int date = -1;
   PRInt32 year = -1;
   int hour = -1;
   int min = -1;
   int sec = -1;
+  struct tm *localTimeResult;
 
   const char *rest = string;
 
   int iterations = 0;
 
   PR_ASSERT(string && result);
   if (!string || !result) return PR_FAILURE;
 
@@ -1627,17 +1634,21 @@ PR_ParseTimeStringToExplodedTime(
                       return PR_SUCCESS;
                     }
                 }
                 
                 /* So mktime() can't handle this case.  We assume the
                    zone_offset for the date we are parsing is the same as
                    the zone offset on 00:00:00 2 Jan 1970 GMT. */
                 secs = 86400;
-                (void) MT_safe_localtime(&secs, &localTime);
+                localTimeResult = MT_safe_localtime(&secs, &localTime);
+                PR_ASSERT(localTimeResult != NULL);
+                if (localTimeResult == NULL) {
+                    return PR_FAILURE;
+                }
                 zone_offset = localTime.tm_min
                               + 60 * localTime.tm_hour
                               + 1440 * (localTime.tm_mday - 2);
         }
 
   result->tm_params.tp_gmt_offset = zone_offset * 60;
   result->tm_params.tp_dst_offset = dst_offset * 60;