openssh unix dev - Oct 2019 - [PATCH] Avoiding Dereferencing of NULL pointer

Signed-off-by: krishnaiah bommu <krishnaiah.bommu at intel.com>
---
 moduli.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/moduli.c b/moduli.c
index 578fc48..c1fa484 100644
--- a/moduli.c
+++ b/moduli.c
@@ -153,12 +153,14 @@ static int
 qfileout(FILE * ofile, u_int32_t otype, u_int32_t otests, u_int32_t otries,
     u_int32_t osize, u_int32_t ogenerator, BIGNUM * omodulus)
 {
-	struct tm *gtm;
+	struct tm *gtm = NULL;
 	time_t time_now;
 	int res;
 
 	time(&time_now);
 	gtm = gmtime(&time_now);
+	if (!gtm)
+		return (-1);
 
 	res = fprintf(ofile, "%04d%02d%02d%02d%02d%02d %u %u %u %u %x ",
 	    gtm->tm_year + 1900, gtm->tm_mon + 1, gtm->tm_mday,
-- 
2.7.4

Applied a variant, thanks.

On Thu, 3 Oct 2019 at 18:18, krishnaiah bommu <krishnaiah.bommu at
intel.com>
wrote:
> [...]
> -       struct tm *gtm;
> +       struct tm *gtm = NULL;
>
Since it's unconditionally assigned below, initialising it is not necessary.

+       if (!gtm)
> +               return (-1);
>
The OpenBSD style guide (http://man.openbsd.org/style.9) advises not using
negations on things that aren't boolean.

Thanks.
-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

> On 4 Oct 2019, at 05:56, Darren Tucker <dtucker at dtucker.net>
wrote:
> 
> Applied a variant, thanks.
> 
> On Thu, 3 Oct 2019 at 18:18, krishnaiah bommu <krishnaiah.bommu at
intel.com>
> wrote:
> 
>> [...]
>> -       struct tm *gtm;
>> +       struct tm *gtm = NULL;
>> 
> 
> Since it's unconditionally assigned below, initialising it is not
necessary.
> 
> +       if (!gtm)
>> +               return (-1);
>> 
> 
> The OpenBSD style guide (http://man.openbsd.org/style.9) advises not using
> negations on things that aren't boolean.
The initialization to NULL sounds bogus but technically gmtime can return
NULL at least on some systems. From the manpage on OS-X (closest I had
to hand):

     The functions ctime(), gmtime(), and localtime() all take
     as an argument a time value representing
     the time in seconds since the Epoch (00:00:00 UTC, January 1, 1970;
     see time(3)).  When encountering an error, these functions return
     NULL and set errno to an appropriate value.

Linux says:

     The gmtime() function converts the calendar time timep to broken-down
     time representation, expressed in Coordinated Universal Time (UTC).
     It may return NULL when the year does not fit into an integer.

This appears not to be the case on openbsd.

So given it uses the output of time(), at least on Linux, this is literally
a bug waiting to happen. Albeit it waiting a very very long time.

-- 
Alex Bligh