From: Jim Meyering <meyering@redhat.com>
Date: Tue, 24 May 2011 16:24:24 +0000 (+0200)
Subject: utimensat: do not reference an out-of-scope buffer
X-Git-Tag: stable/20110609~69
X-Git-Url: http://erislabs.org.uk/gitweb/?a=commitdiff_plain;h=d0fe9209ffab797cb556047e7c272341d5df2f3e;p=gnulib.git

utimensat: do not reference an out-of-scope buffer

Otherwise, with __linux__ defined, "times" would point to a buffer, "ts"
declared in an inner scope, yet "times" would be dereferenced outside
the scope in which "ts" was valid.
* lib/utimensat.c (rpl_utimensat) [__linux__]: Move the declaration
of ts[2] "out/up", so that the use of aliased "times" (via "times = ts;")
does not end up referencing an out-of-scope "ts"
(cherry picked from commit 6dc42e2d25df9c84b335062bad9beb0a7319647b)
---

diff --git a/ChangeLog b/ChangeLog
index aaaa43699..c801958ce 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
 2011-05-24  Jim Meyering  <meyering@redhat.com>
 
+	utimensat: do not reference an out-of-scope buffer
+	Otherwise, with __linux__ defined, "times" would point to a buffer, "ts"
+	declared in an inner scope, yet "times" would be dereferenced outside
+	the scope in which "ts" was valid.
+	* lib/utimensat.c (rpl_utimensat) [__linux__]: Move the declaration
+	of ts[2] "out/up", so that the use of aliased "times" (via "times = ts;")
+	does not end up referencing an out-of-scope "ts"
+
 	opendir-safer.c: don't clobber errno; don't close negative FD
 	* lib/opendir-safer.c (opendir_safer):
 	[HAVE_FDOPENDIR || GNULIB_FDOPENDIR]: Don't close a negative
diff --git a/lib/utimensat.c b/lib/utimensat.c
index e63692a49..5a55e64f7 100644
--- a/lib/utimensat.c
+++ b/lib/utimensat.c
@@ -48,6 +48,10 @@ int
 rpl_utimensat (int fd, char const *file, struct timespec const times[2],
                int flag)
 {
+# ifdef __linux__
+  struct timespec ts[2];
+# endif
+
   /* See comments in utimens.c for details.  */
   static int utimensat_works_really; /* 0 = unknown, 1 = yes, -1 = no.  */
   if (0 <= utimensat_works_really)
@@ -55,7 +59,6 @@ rpl_utimensat (int fd, char const *file, struct timespec const times[2],
       int result;
 # ifdef __linux__
       struct stat st;
-      struct timespec ts[2];
       /* As recently as Linux kernel 2.6.32 (Dec 2009), several file
          systems (xfs, ntfs-3g) have bugs with a single UTIME_OMIT,
          but work if both times are either explicitly specified or