isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check strftime(3) return value in all cases.

Browse Source 
Old versions of strftime(3) didn't guarantee to NUL-terminate the buffer
so we explicitly clear the last byte of the buffer and check it.
This commit is contained in:
Todd C. Miller
2021-09-17 14:01:28 -06:00
parent 698481492c
commit 55171df5e5
10 changed files with 105 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
plugins/audit_json/audit_json.c
View File

@@ -342,6 +342,7 @@ add_timestamp(struct json_container *json, struct timespec *ts)
time_t secs = ts->tv_sec;
char timebuf[1024];
struct tm gmt;
int len;
debug_decl(add_timestamp, SUDO_DEBUG_PLUGIN);
if (gmtime_r(&secs, &gmt) == NULL)
@@ -357,15 +358,21 @@ add_timestamp(struct json_container *json, struct timespec *ts)
json_value.u.number = ts->tv_nsec;
sudo_json_add_value(json, "nanoseconds", &json_value);
strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", &gmt);
json_value.type = JSON_STRING;
json_value.u.string = timebuf;
sudo_json_add_value(json, "iso8601", &json_value);
timebuf[sizeof(timebuf) - 1] = '\0';
len = strftime(timebuf, sizeof(timebuf), "%Y%m%d%H%M%SZ", &gmt);
if (len != 0 && timebuf[sizeof(timebuf) - 1] == '\0'){
json_value.type = JSON_STRING;
json_value.u.string = timebuf;
sudo_json_add_value(json, "iso8601", &json_value);
}
strftime(timebuf, sizeof(timebuf), "%a %b %e %H:%M:%S %Z %Y", &gmt);
json_value.type = JSON_STRING;
json_value.u.string = timebuf;
sudo_json_add_value(json, "localtime", &json_value);
timebuf[sizeof(timebuf) - 1] = '\0';
len = strftime(timebuf, sizeof(timebuf), "%a %b %e %H:%M:%S %Z %Y", &gmt);
if (len != 0 && timebuf[sizeof(timebuf) - 1] == '\0'){
json_value.type = JSON_STRING;
json_value.u.string = timebuf;
sudo_json_add_value(json, "localtime", &json_value);
}
sudo_json_close_object(json);