Date: Wed, 11 Aug 2004 13:35:13 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Mipam <mipam@ibb.net> Cc: freebsd-questions@freebsd.org Subject: Re: localtime question Message-ID: <20040811103513.GA46089@orion.daedalusnetworks.priv> In-Reply-To: <Pine.BSO.4.56.0408111219440.11899@ux11.ltcm.net> References: <20040810171119.GA26303@orion.daedalusnetworks.priv> <Pine.BSO.4.56.0408111039230.11899@ux11.ltcm.net> <20040811094244.GA30843@orion.daedalusnetworks.priv> <Pine.BSO.4.56.0408111219440.11899@ux11.ltcm.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2004-08-11 12:23, Mipam <mipam@ibb.net> wrote:
> On Wed, 11 Aug 2004, Giorgos Keramidas wrote:
> > On 2004-08-11 10:44, Mipam <mipam@ibb.net> wrote:
> > > #include <time.h>
> > > #include <stdio.h>
> > >
> > > int main()
> > > {
> > > struct tm *ptr;
> > > time_t tm;
> > > char str[60];
> > > char str2[60];
> > > char str3[60];
> > >
> > > tm = time(NULL)-86400;
> > > ptr = localtime(&tm);
> > > strftime(str ,100 , "%d",ptr);
> > > strftime(str2 ,100 , "%m",ptr);
> > > strftime(str3 ,100 , "%Y",ptr);
> > > printf("%s %s %s\n",str3,str2,str);
> > >
> > > return 0;
> > > }
> > >
> > > This runs just fine: 2004 08 10
> > > I dont know what the 100 is good for?
> >
> > It's the size of the buffer that strftime() gets as the first argument.
> > In this case 100 is a bug waiting to happen, because the buffers are
> > allocated with only 60 bytes of data. The manpage of strftime()
> > explains what each argument is supposed to be.
>
> Okay, so i should do:
> strftime(str ,60 , "%d",ptr);
> Could i do a check, i mean:
> ptr = localtime(&tm); here i assign the output of locatime... to
> ptr and ptr is a string of 60 characters,
No, most certainly not. `ptr' is not a string of characters. It's a
pointer to a (struct tm).
> what if for some reason localtime(&tm) exceeds the 60 characters, then
> i have a nice buffer overflow. Can i do a check before doing: ptr =
> localtime(&tm); whether localtime(&tm) does not exceed 60 characters?
In your program above `ptr' is a (struct tm *). It doesn't have
anything to do with the character arrays `str', `str2' and `str3' which
are declared below as vectors of 60 characters.
> When i done that check, i dont need an additional check in the
> strftime, where also 60 is assigned.
You would still have to pass a valid buffer size to strftime() to avoid
overflows. If you don't then there is no way for strftime() to know the
size of the array that it gets as its first argument.
By the way... Since freebsd-questions is not a place for lessons about
programming in C, could I ask you to post future messages personally or
to another mailing list more related to programming in C?
- Giorgos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040811103513.GA46089>