Bug Summary

File:lib/gl/time_rz.c
Warning:line 223, column 11
Potential leak of memory pointed to by 'old_tz'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-redhat-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name time_rz.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/builds/gsasl/shishi/lib/gl -resource-dir /usr/lib64/clang/14.0.0 -D HAVE_CONFIG_H -I . -I ../.. -D PIC -internal-isystem /usr/lib64/clang/14.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wno-cast-qual -Wno-conversion -Wno-float-equal -Wno-sign-compare -Wno-undef -Wno-unused-function -Wno-unused-parameter -Wno-float-conversion -Wno-pedantic -Wno-sign-conversion -Wno-type-limits -Wno-unsuffixed-float-constants -fdebug-compilation-dir=/builds/gsasl/shishi/lib/gl -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /builds/gsasl/shishi/clang-analyzer/2022-08-08-065803-50050-1 -x c time_rz.c
1/* Time zone functions such as tzalloc and localtime_rz
2
3 Copyright 2015-2022 Free Software Foundation, Inc.
4
5 This file is free software: you can redistribute it and/or modify
6 it under the terms of the GNU Lesser General Public License as
7 published by the Free Software Foundation, either version 3 of the
8 License, or (at your option) any later version.
9
10 This file is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public License
16 along with this program. If not, see <https://www.gnu.org/licenses/>. */
17
18/* Written by Paul Eggert. */
19
20/* Although this module is not thread-safe, any races should be fairly
21 rare and reasonably benign. For complete thread-safety, use a C
22 library with a working timezone_t type, so that this module is not
23 needed. */
24
25#include <config.h>
26
27#include <time.h>
28
29#include <errno(*__errno_location ()).h>
30#include <stdbool.h>
31#include <stddef.h>
32#include <stdlib.h>
33#include <string.h>
34
35#include "flexmember.h"
36#include "idx.h"
37#include "time-internal.h"
38
39/* The approximate size to use for small allocation requests. This is
40 the largest "small" request for the GNU C library malloc. */
41enum { DEFAULT_MXFAST = 64 * sizeof (size_t) / 4 };
42
43/* Minimum size of the ABBRS member of struct tm_zone. ABBRS is larger
44 only in the unlikely case where an abbreviation longer than this is
45 used. */
46enum { ABBR_SIZE_MIN = DEFAULT_MXFAST - offsetof (struct tm_zone, abbrs)__builtin_offsetof(struct tm_zone, abbrs) };
47
48/* Magic cookie timezone_t value, for local time. It differs from
49 NULL and from all other timezone_t values. Only the address
50 matters; the pointer is never dereferenced. */
51static timezone_t const local_tz = (timezone_t) 1;
52
53/* Copy to ABBRS the abbreviation at ABBR with size ABBR_SIZE (this
54 includes its trailing null byte). Append an extra null byte to
55 mark the end of ABBRS. */
56static void
57extend_abbrs (char *abbrs, char const *abbr, size_t abbr_size)
58{
59 memcpy (abbrs, abbr, abbr_size);
60 abbrs[abbr_size] = '\0';
61}
62
63/* Return a newly allocated time zone for NAME, or NULL on failure.
64 A null NAME stands for wall clock time (which is like unset TZ). */
65timezone_t
66tzalloc (char const *name)
67{
68 size_t name_size = name
7.1
'name' is null
? strlen (name) + 1 : 0;
8
'?' condition is false
69 size_t abbr_size = name_size
8.1
'name_size' is < ABBR_SIZE_MIN
< ABBR_SIZE_MIN ? ABBR_SIZE_MIN : name_size + 1;
9
'?' condition is true
70 timezone_t tz = malloc (FLEXSIZEOF (struct tm_zone, abbrs, abbr_size)((__builtin_offsetof(struct tm_zone, abbrs) + _Alignof (struct
tm_zone) - 1 + (abbr_size)) & ~ (_Alignof (struct tm_zone
) - 1))
)
;
10
Memory is allocated
71 if (tz)
11
Assuming 'tz' is non-null
12
Taking true branch
72 {
73 tz->next = NULL((void*)0);
74#if HAVE_TZNAME && !HAVE_STRUCT_TM_TM_ZONE1
75 tz->tzname_copy[0] = tz->tzname_copy[1] = NULL((void*)0);
76#endif
77 tz->tz_is_set = !!name;
78 tz->abbrs[0] = '\0';
79 if (name
12.1
'name' is null
)
13
Taking false branch
80 extend_abbrs (tz->abbrs, name, name_size);
81 }
82 return tz;
83}
84
85/* Save into TZ any nontrivial time zone abbreviation used by TM, and
86 update *TM (if HAVE_STRUCT_TM_TM_ZONE) or *TZ (if
87 !HAVE_STRUCT_TM_TM_ZONE && HAVE_TZNAME) if they use the abbreviation.
88 Return true if successful, false (setting errno) otherwise. */
89static bool_Bool
90save_abbr (timezone_t tz, struct tm *tm)
91{
92#if HAVE_STRUCT_TM_TM_ZONE1 || HAVE_TZNAME
93 char const *zone = NULL((void*)0);
94 char *zone_copy = (char *) "";
95
96# if HAVE_TZNAME
97 int tzname_index = -1;
98# endif
99
100# if HAVE_STRUCT_TM_TM_ZONE1
101 zone = tm->tm_zone;
102# endif
103
104# if HAVE_TZNAME
105 if (! (zone && *zone) && 0 <= tm->tm_isdst)
106 {
107 tzname_index = tm->tm_isdst != 0;
108 zone = tzname[tzname_index];
109 }
110# endif
111
112 /* No need to replace null zones, or zones within the struct tm. */
113 if (!zone || ((char *) tm <= zone && zone < (char *) (tm + 1)))
114 return true1;
115
116 if (*zone)
117 {
118 zone_copy = tz->abbrs;
119
120 while (strcmp (zone_copy, zone) != 0)
121 {
122 if (! (*zone_copy || (zone_copy == tz->abbrs && tz->tz_is_set)))
123 {
124 idx_t zone_size = strlen (zone) + 1;
125 if (zone_size < tz->abbrs + ABBR_SIZE_MIN - zone_copy)
126 extend_abbrs (zone_copy, zone, zone_size);
127 else
128 {
129 tz = tz->next = tzalloc (zone);
130 if (!tz)
131 return false0;
132 tz->tz_is_set = 0;
133 zone_copy = tz->abbrs;
134 }
135 break;
136 }
137
138 zone_copy += strlen (zone_copy) + 1;
139 if (!*zone_copy && tz->next)
140 {
141 tz = tz->next;
142 zone_copy = tz->abbrs;
143 }
144 }
145 }
146
147 /* Replace the zone name so that its lifetime matches that of TZ. */
148# if HAVE_STRUCT_TM_TM_ZONE1
149 tm->tm_zone = zone_copy;
150# else
151 if (0 <= tzname_index)
152 tz->tzname_copy[tzname_index] = zone_copy;
153# endif
154#endif
155
156 return true1;
157}
158
159/* Free a time zone. */
160void
161tzfree (timezone_t tz)
162{
163 if (tz != local_tz)
18
Assuming 'tz' is equal to 'local_tz'
19
Taking false branch
164 while (tz)
165 {
166 timezone_t next = tz->next;
167 free (tz);
168 tz = next;
169 }
170}
171
172/* Get and set the TZ environment variable. These functions can be
173 overridden by programs like Emacs that manage their own environment. */
174
175#ifndef getenv_TZ
176static char *
177getenv_TZ (void)
178{
179 return getenv ("TZ");
180}
181#endif
182
183#ifndef setenv_TZ
184static int
185setenv_TZ (char const *tz)
186{
187 return tz ? setenv ("TZ", tz, 1) : unsetenv ("TZ");
188}
189#endif
190
191/* Change the environment to match the specified timezone_t value.
192 Return true if successful, false (setting errno) otherwise. */
193static bool_Bool
194change_env (timezone_t tz)
195{
196 if (setenv_TZ (tz->tz_is_set ? tz->abbrs : NULL((void*)0)) != 0)
197 return false0;
198 tzset ();
199 return true1;
200}
201
202/* Temporarily set the time zone to TZ, which must not be null.
203 Return LOCAL_TZ if the time zone setting is already correct.
204 Otherwise return a newly allocated time zone representing the old
205 setting, or NULL (setting errno) on failure. */
206static timezone_t
207set_tz (timezone_t tz)
208{
209 char *env_tz = getenv_TZ ();
210 if (env_tz
3.1
'env_tz' is null
4
'?' condition is false
6
Taking false branch
211 ? tz->tz_is_set && strcmp (tz->abbrs, env_tz) == 0 212 : !tz->tz_is_set)
5
Assuming field 'tz_is_set' is not equal to 0
213 return local_tz; 214 else 215 { 216 timezone_t old_tz = tzalloc (env_tz);
7
Calling 'tzalloc'
14
Returned allocated memory
217 if (!old_tz
14.1
'old_tz' is non-null
)
15
Taking false branch
218 return old_tz; 219 if (! change_env (tz))
16
Taking true branch
220 { 221 int saved_errno = errno(*__errno_location ()); 222 tzfree (old_tz);
17
Calling 'tzfree'
20
Returning from 'tzfree'
223 errno(*__errno_location ()) = saved_errno;
21
Potential leak of memory pointed to by 'old_tz'
224 return NULL((void*)0); 225 } 226 return old_tz; 227 } 228} 229 230/* Restore an old setting returned by set_tz. It must not be null. 231 Return true (preserving errno) if successful, false (setting errno) 232 otherwise. */ 233static bool_Bool 234revert_tz (timezone_t tz) 235{ 236 if (tz == local_tz) 237 return true1; 238 else 239 { 240 int saved_errno = errno(*__errno_location ()); 241 bool_Bool ok = change_env (tz); 242 if (!ok) 243 saved_errno = errno(*__errno_location ()); 244 tzfree (tz); 245 errno(*__errno_location ()) = saved_errno; 246 return ok; 247 } 248} 249 250/* Use time zone TZ to compute localtime_r (T, TM). */ 251struct tm * 252localtime_rz (timezone_t tz, time_t const *t, struct tm *tm) 253{ 254#ifdef HAVE_LOCALTIME_INFLOOP_BUG 255 /* The -67768038400665599 comes from: 256 https://lists.gnu.org/r/bug-gnulib/2017-07/msg00142.html 257 On affected platforms the greatest POSIX-compatible time_t value 258 that could return nonnull is 67768036191766798 (when 259 TZ="XXX24:59:59" it resolves to the year 2**31 - 1 + 1900, on 260 12-31 at 23:59:59), so test for that too while we're in the 261 neighborhood. */ 262 if (! (-67768038400665599 <= *t && *t <= 67768036191766798)) 263 { 264 errno(*__errno_location ()) = EOVERFLOW75; 265 return NULL((void*)0); 266 } 267#endif 268 269 if (!tz) 270 return gmtime_r (t, tm); 271 else 272 { 273 timezone_t old_tz = set_tz (tz); 274 if (old_tz) 275 { 276 bool_Bool abbr_saved = localtime_r (t, tm) && save_abbr (tz, tm); 277 if (revert_tz (old_tz) && abbr_saved) 278 return tm; 279 } 280 return NULL((void*)0); 281 } 282} 283 284/* Use time zone TZ to compute mktime (TM). */ 285time_t 286mktime_z (timezone_t tz, struct tm *tm) 287{ 288 if (!tz)
1
Assuming 'tz' is non-null
2
Taking false branch
289 return timegmrpl_timegm (tm); 290 else 291 { 292 timezone_t old_tz = set_tz (tz);
3
Calling 'set_tz'
293 if (old_tz) 294 { 295 struct tm tm_1; 296 tm_1.tm_sec = tm->tm_sec; 297 tm_1.tm_min = tm->tm_min; 298 tm_1.tm_hour = tm->tm_hour; 299 tm_1.tm_mday = tm->tm_mday; 300 tm_1.tm_mon = tm->tm_mon; 301 tm_1.tm_year = tm->tm_year; 302 tm_1.tm_yday = -1; 303 tm_1.tm_isdst = tm->tm_isdst; 304 time_t t = mktimerpl_mktime (&tm_1); 305 bool_Bool ok = 0 <= tm_1.tm_yday; 306#if HAVE_STRUCT_TM_TM_ZONE1 || HAVE_TZNAME 307 ok = ok && save_abbr (tz, &tm_1); 308#endif 309 if (revert_tz (old_tz) && ok) 310 { 311 *tm = tm_1; 312 return t; 313 } 314 } 315 return -1; 316 } 317}