Willy,
please fill in the severity yourself.
Best regards
Tim Düsterhus
PS: sample_conv_http_date has a pretty messed up indentation, mixing tabs
and spaces. It probably should be cleaned up.
Apply with `git am --scissors` to automatically cut the commit message.
-- >8 --
Using localtime / gmtime is not thread-safe, whereas the `get_*` wrappers are.
Found using GitHub's CodeQL scan.
The use in sample_conv_ltime() can be traced back to at least
fac9ccfb705702f211f99e67d5f5d5129002086a (first appearing in 1.6-dev3), so all
supported branches with thread support are affected.
---
src/http_conv.c | 18 ++++++++----------
src/sample.c | 20 ++++++++------------
2 files changed, 16 insertions(+), 22 deletions(-)
diff --git a/src/http_conv.c b/src/http_conv.c
index dd1be1715..121a4989b 100644
--- a/src/http_conv.c
+++ b/src/http_conv.c
@@ -44,7 +44,7 @@ static int sample_conv_http_date(const struct arg *args,
struct sample *smp, voi
const char day[7][4] = { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri",
"Sat" };
const char mon[12][4] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
struct buffer *temp;
- struct tm *tm;
+ struct tm tm;
int sec_frac = 0;
time_t curr_date;
@@ -66,23 +66,21 @@ static int sample_conv_http_date(const struct arg *args,
struct sample *smp, voi
/* With high numbers, the date returned can be negative, the 55 bits
mask prevent this. */
curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
- tm = gmtime(&curr_date);
- if (!tm)
- return 0;
+ get_gmtime(curr_date, &tm);
temp = get_trash_chunk();
if (args[1].type == ARGT_SINT && args[1].data.sint != TIME_UNIT_S) {
temp->data = snprintf(temp->area, temp->size - temp->data,
"%s, %02d %s %04d %02d:%02d:%02d.%d GMT",
- day[tm->tm_wday], tm->tm_mday,
mon[tm->tm_mon],
- 1900+tm->tm_year,
- tm->tm_hour, tm->tm_min, tm->tm_sec,
sec_frac);
+ day[tm.tm_wday], tm.tm_mday, mon[tm.tm_mon],
+ 1900+tm.tm_year,
+ tm.tm_hour, tm.tm_min, tm.tm_sec, sec_frac);
} else {
temp->data = snprintf(temp->area, temp->size - temp->data,
"%s, %02d %s %04d %02d:%02d:%02d GMT",
- day[tm->tm_wday], tm->tm_mday,
mon[tm->tm_mon],
- 1900+tm->tm_year,
- tm->tm_hour, tm->tm_min, tm->tm_sec);
+ day[tm.tm_wday], tm.tm_mday, mon[tm.tm_mon],
+ 1900+tm.tm_year,
+ tm.tm_hour, tm.tm_min, tm.tm_sec);
}
smp->data.u.str = *temp;
diff --git a/src/sample.c b/src/sample.c
index 6f0ddee20..b9d90ea0e 100644
--- a/src/sample.c
+++ b/src/sample.c
@@ -2300,18 +2300,16 @@ static int sample_conv_ltime(const struct arg *args,
struct sample *smp, void *p
struct buffer *temp;
/* With high numbers, the date returned can be negative, the 55 bits
mask prevent this. */
time_t curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
- struct tm *tm;
+ struct tm tm;
/* add offset */
if (args[1].type == ARGT_SINT)
curr_date += args[1].data.sint;
- tm = localtime(&curr_date);
- if (!tm)
- return 0;
+ get_localtime(curr_date, &tm);
+
temp = get_trash_chunk();
- temp->data = strftime(temp->area, temp->size, args[0].data.str.area,
- tm);
+ temp->data = strftime(temp->area, temp->size, args[0].data.str.area,
&tm);
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
return 1;
@@ -2337,18 +2335,16 @@ static int sample_conv_utime(const struct arg *args,
struct sample *smp, void *p
struct buffer *temp;
/* With high numbers, the date returned can be negative, the 55 bits
mask prevent this. */
time_t curr_date = smp->data.u.sint & 0x007fffffffffffffLL;
- struct tm *tm;
+ struct tm tm;
/* add offset */
if (args[1].type == ARGT_SINT)
curr_date += args[1].data.sint;
- tm = gmtime(&curr_date);
- if (!tm)
- return 0;
+ get_gmtime(curr_date, &tm);
+
temp = get_trash_chunk();
- temp->data = strftime(temp->area, temp->size, args[0].data.str.area,
- tm);
+ temp->data = strftime(temp->area, temp->size, args[0].data.str.area,
&tm);
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
return 1;
--
2.33.0
