Avoid overrun when converting ns-resolution timestamps to text

Caught by gcc -fsanitize=address. Inspired by Matthias Andree’s bug report in: https://lists.gnu.org/r/bug-tar/2025-08/msg00019.html though I found this bug via a simple "make check" with sanitization enabled. * src/common.h (TIMESPEC_STRSIZE_BOUND): Make room for leading '-', needed in addition to the '-' room supplied by SYSINT_BUFSIZE due to the way code_timespec works.
2025-08-18 17:14:13 -07:00
parent ea7cfcba77
commit ca02de4050
1 changed files with 1 additions and 1 deletions
--- a/src/common.h
+++ b/src/common.h
@@ -715,7 +715,7 @@ char *timetostr (time_t, char buf[SYSINT_BUFSIZE]);
 void code_ns_fraction (int ns, char *p);
 enum { BILLION = 1000000000, LOG10_BILLION = 9 };
 enum { TIMESPEC_STRSIZE_BOUND =
-         SYSINT_BUFSIZE + LOG10_BILLION + sizeof "." - 1 };
+         sizeof "-." - 1 + SYSINT_BUFSIZE + LOG10_BILLION };
 char const *code_timespec (struct timespec ts,
 			   char tsbuf[TIMESPEC_STRSIZE_BOUND]);
 struct timespec decode_timespec (char const *, char **, bool);