On 12.07.24 11:51, Richard Weinberger wrote:
Am Freitag, 12. Juli 2024, 11:46:08 CEST schrieb 'Heinrich Schuchardt' via
upstream:
Am 12. Juli 2024 10:24:54 MESZ schrieb Richard Weinberger <rich...@nod.at>:
Make sure that tm_mday and tm_mon are within the expected
range. Upper layers such as rtc_calc_weekday() will use
them as lookup keys for arrays and this can cause out of
bounds memory accesses.
rtc_calc_weekday() might receive invalid input from other sources. Shouldn't
the function always validate its input before array access?
It depends on the overall design.
Functions like strlen() also assume that you provide a valid string,
so rtc_calc_weekday() can assume too that the passed rtc_time structure
contains valid data.
In doubt, let's fix both FAT and rtc_calc_weekday().
Other source locations where the content of struct rtc_time is not
(fully) validated before calling rtc_calc_weekday are
mc146818_get()
mk_date()
to name a few.
Other RTC drivers might also be placing garbage in a struct rtc_time, e.g.
omap_rtc_get()
m41t62_update_rtc_time()
Best regards
Heinrich