Module Name: src Committed By: rillig Date: Sun Apr 21 08:56:49 UTC 2024
Modified Files: src/usr.bin/make: var.c Log Message: make: fix out-of-bounds read when evaluating :gmtime and :localtime The function TryParseTime takes a pointer to a string, but the LazyBuf returns a Substring, which is not guaranteed to be null-terminated or delimited. In TryParseTime, calling strtoul on the Substring read past the end of the substring. Noticed in the NetBSD build in libntp, where the :gmtime modifier is used in two places with the same timestamp value, of which the first was evaluated correctly and the second wasn't. The bug was introduced in var.c 1.1050 from 2023-05-09, when the argument of the :gmtime and :localtime modifiers was allowed to be an expression instead of an integer constant. To generate a diff of this commit: cvs rdiff -u -r1.1102 -r1.1103 src/usr.bin/make/var.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.