avoid out-of-bounds read for invalid quoted timezone

Parsing the timezone name must stop when reaching the null terminator. In that case, there is no '>' to skip.

avoid out-of-bounds read for invalid quoted timezone
Parsing the timezone name must stop when reaching the null terminator. In that case, there is no '>' to skip.
8e452aba · Samuel Holland · Rich Felker · 526df238 · 8e452aba
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

src/time/__tz.c src/time/__tz.c +2 -2

未找到文件。
--- a/src/time/__tz.c
+++ b/src/time/__tz.c
@@ -86,9 +86,9 @@ static void getname(char *d, const char **p)
 	int i;
 	if (**p == '<') {
 		++*p;
-		for (i=0; (*p)[i]!='>' && i<TZNAME_MAX; i++)
+		for (i=0; (*p)[i] && (*p)[i]!='>' && i<TZNAME_MAX; i++)
 			d[i] = (*p)[i];
-		++*p;
+		if ((*p)[i]) ++*p;
 	} else {
 		for (i=0; ((*p)[i]|32)-'a'<26U && i<TZNAME_MAX; i++)
 			d[i] = (*p)[i];