On 12.07.24 11:51, Richard Weinberger wrote:
Am Freitag, 12. Juli 2024, 11:46:08 CEST schrieb 'Heinrich Schuchardt' via upstream:
Am 12. Juli 2024 10:24:54 MESZ schrieb Richard Weinberger richard@nod.at:
Make sure that tm_mday and tm_mon are within the expected range. Upper layers such as rtc_calc_weekday() will use them as lookup keys for arrays and this can cause out of bounds memory accesses.
rtc_calc_weekday() might receive invalid input from other sources. Shouldn't the function always validate its input before array access?
It depends on the overall design. Functions like strlen() also assume that you provide a valid string, so rtc_calc_weekday() can assume too that the passed rtc_time structure contains valid data.
In doubt, let's fix both FAT and rtc_calc_weekday().
Other source locations where the content of struct rtc_time is not (fully) validated before calling rtc_calc_weekday are
mc146818_get() mk_date()
to name a few.
Other RTC drivers might also be placing garbage in a struct rtc_time, e.g.
omap_rtc_get() m41t62_update_rtc_time()
Best regards
Heinrich