Bug 56520 - Unchecked Return Value malloc() in win32 timestr on WINDOWS platform
Summary: Unchecked Return Value malloc() in win32 timestr on WINDOWS platform
Status: NEW
Alias: None
Product: APR
Classification: Unclassified
Component: APR
Version: HEAD
Hardware: PC All
Importance: P2 normal
Target Milestone: ---
Assignee: Apache Portable Runtime bugs mailinglist
Reported: 2014-05-13 17:18 UTC by Max
Modified: 2014-05-13 18:51 UTC

Description Max 2014-05-13 17:18:05 UTC
Unchecked Return Value malloc() in win32 timestr on WINDOWS platform

static apr_size_t win32_strftime_extra(char *s, size_t max, const char *format,
                                       const struct tm *tm) 
{
   /* If the new format string is bigger than max, the result string won't fit
    * anyway. If format strings are added, made sure the padding below is
    * enough */
    char *new_format = (char *) malloc(max + 11); <============ MALLOC
    size_t i, j, format_length = strlen(format);
    apr_size_t return_value;
    int length_written;
 
    for (i = 0, j = 0; (i < format_length && j < max);) {
        if (format[i] != '%') {
            new_format[j++] = format[i++]; <============ INVALID MEMORY REFERENCE
            continue;

BR,
Maksymilian
cifrex.org
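
The pattern reported above with the allocation checked before the copy loop runs, as an added example that is not APR's code and not part of the report. The names `strftime_checked`, `alloc_fn` and `failing_alloc` are hypothetical, and the single `%T` expansion is an illustrative assumption standing in for the part of the function the report cuts off.

```c
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Hypothetical allocator hook; it must return memory that free() accepts. */
typedef void *(*alloc_fn)(size_t);
static void *failing_alloc(size_t n) { (void)n; return NULL; }

/* Same sizing as the reported function (max + 11), allocation checked first.
 * Returns bytes written to s, or 0 on allocation failure or if it cannot fit. */
static size_t strftime_checked(char *s, size_t max, const char *format,
                               const struct tm *tm, alloc_fn alloc)
{
    size_t i, j, written, format_length = strlen(format);
    char *new_format;
    if (max > (size_t)-1 - 11)            /* max + 11 must not wrap */
        return 0;
    new_format = (char *) alloc(max + 11);
    if (new_format == NULL)               /* the check the report finds missing */
        return 0;
    for (i = 0, j = 0; i < format_length && j < max;) {
        if (format[i] == '%' && format[i + 1] == 'T') {
            /* illustrative expansion (assumption): %T -> %H:%M:%S */
            memcpy(new_format + j, "%H:%M:%S", 8);
            j += 8; i += 2;
        } else if (format[i] == '%' && format[i + 1] != '\0') {
            new_format[j++] = format[i++];    /* keep a "%x" pair together */
            new_format[j++] = format[i++];
        } else {
            new_format[j++] = format[i++];
        }
    }
    if (j >= max) {                       /* expanded format cannot fit in s */
        free(new_format);
        return 0;
    }
    new_format[j] = '\0';
    written = strftime(s, max, new_format, tm);
    free(new_format);
    return written;
}

int main(void)
{
    struct tm t = {0};
    char out[32];
    return strftime_checked(out, sizeof out, "%T", &t, failing_alloc) != 0;
}
```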