Attention to bug 170444

Thomas Bushnell BSG tb at becket.net
Sun Aug 28 17:06:29 EDT 2005


Attention please to http://bugzilla.gnome.org/show_bug.cgi?id=170444
(Debian bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=312109).

I believe I have the fix.  The problem is that many locales have date
string formats longer than eleven characters.  Eleven was fine for
"%d/%m/%Y" but not for anything longer.  Then when printDate is
called, it overruns the provided buffer if we are using a
locale-provided date string.

There is much chaos in the printDate regime in gnucash, with some
callers using MAX_DATE_LENGTH and other callers using 100 or making up
their own buffer sizes on the fly.  I'm bumping MAX_DATE_LENGTH from
eleven to forty for Debian (which will close the Debian bug), but it
would be nice if the upstream maintainers (y'all!) could at least put
a patch into the 1.8 branch and keep in mind that reported bugs about
random crashes, particularly if the locale is one of the following,
could be this problem.

In recent GNU libc, I think the following locales have such a problem:

ar_AE ar_BH ar_DZ ar_EG ar_IQ ar_JO ar_KW ar_LB ar_LY ar_MA ar_OM
ar_QA ar_SD ar_SY ar_TN ar_YE ar_SA ar_IN bn_BN bn_IN en_IN gu_IN
hi_IN kn_IN mr_IN ms_MY ne_NP pa_IN ta_IN te_IN en_HK en_PH en_SG
ml_IN eu_ES fa_IR is_IS ja_JP kl_GL ko_KR lv_LV mt_MT nn_NO sl_SI
sr_CS zh_CN zh_SG zh_HK zh_TW

Note particularly that all the Arabic, Chinese, Japanese, and Korean
locales will have a problem; likewise all the variants for India.
English variants for southeast Asia also have problems.  Those are
some of the more notable ones.  Basque too.

Thomas


More information about the gnucash-devel mailing list