commit 2c012a4d668fb7b9750efa29780f6ca3a9ef1598
from: the xhr <xhr@giessen.ccc.de>
date: Thu Aug 26 10:34:54 2021 UTC

Check the return value of strftime()

While OpenBSD guarantees NUL termination on overflow, other platforms
don't and thus the contents of the array are undefined.

commit - 56b35e42d570e4505081c2f1a9f8bc94704c7045
commit + 2c012a4d668fb7b9750efa29780f6ca3a9ef1598
blob - 6e07ccb5198ce78f4445f81a58349dd0f139d72e
blob + 54a7c48422a52eed1b53bdcf74a683d478a9d512
--- log.c
+++ log.c
@@ -243,7 +243,10 @@ log_access(const struct client_connection *cc, const c
 	t = time(NULL);
 	tm = *localtime(&t);
 
-	strftime(tmstr, sizeof(tmstr), "%d/%b/%Y:%H:%M:%S %Z", &tm);
+	if (strftime(tmstr, sizeof(tmstr), "%d/%b/%Y:%H:%M:%S %Z", &tm) == 0) {
+		log_warn("strftime couldn't save time string");
+		return;
+	}
 
 	user_log(0, "%s - - [%s] %s", cc->client_addr, tmstr, fmt);
 }
@@ -257,7 +260,10 @@ log_error(const struct client_connection *cc, const ch
 
 	t = time(NULL);
 	tm = *localtime(&t);
-	strftime(tmstr, sizeof(tmstr), "%d/%b/%Y:%H:%M:%S %Z", &tm);
+	if (strftime(tmstr, sizeof(tmstr), "%d/%b/%Y:%H:%M:%S %Z", &tm) == 0) {
+		log_warn("strftime couldn't save time string");
+		return;
+	}
 
 	user_log(1, "[%s] [error] [client %s] %s", tmstr,
 			cc->client_addr, fmt);