VirtualBox

Ignore:
Timestamp:
Sep 23, 2020 2:27:45 PM (4 years ago)
Author:
vboxsync
Message:

IPRT: RTTimeZoneGetCurrent-posix.cpp should validate the string encoding before using a timezone name.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/Runtime/r3/posix/RTTimeZoneGetCurrent-posix.cpp

    r86239 r86240  
    7676        return VERR_INVALID_PARAMETER;
    7777
    78     /* construct full pathname of the time zone file */
    79     char szTZPath[RTPATH_MAX];
    80     int rc = RTPathJoin(szTZPath, sizeof(szTZPath), TZDIR, pszTimeZone);
     78    int rc = RTStrValidateEncoding(pszTimeZone);
    8179    if (RT_SUCCESS(rc))
    8280    {
    83         /* open the time zone file and check that it begins with the correct magic number */
    84         RTFILE hFile = NIL_RTFILE;
    85         rc = RTFileOpen(&hFile, szTZPath, RTFILE_O_READ | RTFILE_O_OPEN | RTFILE_O_DENY_WRITE);
    86         if (RT_SUCCESS(rc))
    87         {
    88             char achTZBuf[sizeof(TZ_MAGIC)];
    89             rc = RTFileRead(hFile, achTZBuf, sizeof(achTZBuf), NULL);
    90             RTFileClose(hFile);
     81        /* construct full pathname of the time zone file */
     82        char szTZPath[RTPATH_MAX];
     83        rc = RTPathJoin(szTZPath, sizeof(szTZPath), TZDIR, pszTimeZone);
     84        if (RT_SUCCESS(rc))
     85        {
     86            /* open the time zone file and check that it begins with the correct magic number */
     87            RTFILE hFile = NIL_RTFILE;
     88            rc = RTFileOpen(&hFile, szTZPath, RTFILE_O_READ | RTFILE_O_OPEN | RTFILE_O_DENY_WRITE);
    9189            if (RT_SUCCESS(rc))
    9290            {
    93                 if (memcmp(achTZBuf, RT_STR_TUPLE(TZ_MAGIC)) == 0)
    94                     rc = VINF_SUCCESS;
    95                 else
    96                     rc = VERR_INVALID_MAGIC;
     91                char achTZBuf[sizeof(TZ_MAGIC)];
     92                rc = RTFileRead(hFile, achTZBuf, sizeof(achTZBuf), NULL);
     93                RTFileClose(hFile);
     94                if (RT_SUCCESS(rc))
     95                {
     96                    if (memcmp(achTZBuf, RT_STR_TUPLE(TZ_MAGIC)) == 0)
     97                        rc = VINF_SUCCESS;
     98                    else
     99                        rc = VERR_INVALID_MAGIC;
     100                }
    97101            }
    98102        }
     
    195199
    196200                rc = rtIsValidTimeZoneFile(pszTimeZone);
    197                 /** @todo UTF-8 encoding. */
    198201                if (RT_SUCCESS(rc))
    199202                    return RTStrCopy(pszName, cbName, pszTimeZone);
     
    224227                    {
    225228                        RTStrmClose(pStrm);
    226                         /** @todo UTF-8 encoding. */
    227229                        return RTStrCopy(pszName, cbName, pszTimeZone);
    228230                    }
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette