...
Avoid using the asctime() function with unsanitized data.
| Code Block | ||||
|---|---|---|---|---|
| ||||
struct tm time_tm; /* initialize time_tm */ char *time = asctime(&time_tm); |
...
You can sanitize the data before invoking asctime().
| Code Block | ||||
|---|---|---|---|---|
| ||||
int validate_tm(struct tm* time) {
/*
* The range of valid values of the tm_sec member is [0, 60]
* inclusive (to allow for leap seconds).
*/
if (time->tm_sec < 0 || time->tm_sec > 60) return 0;
if (time->tm_min < 0 || time->tm_min >= 60) return 0;
if (time->tm_hour < 0 || time->tm_hour >= 24) return 0;
if (time->tm_mday <= 0 || time->tm_mday > 31) return 0;
if (time->tm_mon < 0 || time->tm_mon >= 12) return 0;
/* While other years are legit, they may overflow asctime()'s buffer */
if (time->tm_year < -999 || time->tm_year > 9999) return 0;
if (time->tm_wday < 0 || time->tm_wday >= 7) return 0;
if (time->tm_yday < 0 || time->tm_yday >= 366) return 0;
return 1;
}
struct tm time_tm;
/* initialize time_tm */
if (!validate_tm(&time_tm)) {
/* handle error */
}
char *time = asctime(&time_tm);
|
...
The strftime() function allows you to specify a more rigorous format, and also to specify the maximum size of the resulting time string.
| Code Block | ||||
|---|---|---|---|---|
| ||||
struct tm time; const size_t maxsize = 26; /* or maximum size of time string */; char s[maxsize]; const char *format = "%c"; /* current time representation for locale */ const struct tm *timeptr; size_t size = strftime(s, maxsize, format, timeptr); |
...