syslog: use C locale for timestamp generation

depending on contents of the LC_TIME locale, log messages could be malformatted (especially if the ABMON strings contain non-alphabetic characters) or the subsequent code could invoke undefined behavior, via passing a timebuf[] with unspecified contents to snprintf, if the translated ABMON string did not fit in the 16-byte timebuf. this does not appear to be a security-relevant bug, as locale loading functionality is intentionally not available to set*id programs -- the MUSL_LOCPATH environment variable is ignored when libc.secure is true, and custom locales are not loadable without it.
2025-03-06 20:48:29 +01:00 · 2024-02-07 16:08:11 -05:00 · 2024-02-07 16:08:11 -05:00 · 39838619bb
commit 39838619bb
parent 8b70486807
1 changed files with 2 additions and 1 deletions
--- a/src/misc/syslog.c
+++ b/src/misc/syslog.c
@ -11,6 +11,7 @@
 #include <fcntl.h>
 #include "lock.h"
 #include "fork_impl.h"
+#include "locale_impl.h"

 static volatile int lock[1];
 static char log_ident[32];
@ -99,7 +100,7 @@ static void _vsyslog(int priority, const char *message, va_list ap)

 	now = time(NULL);
 	gmtime_r(&now, &tm);
-	strftime(timebuf, sizeof timebuf, "%b %e %T", &tm);
+	strftime_l(timebuf, sizeof timebuf, "%b %e %T", &tm, C_LOCALE);

 	pid = (log_opt & LOG_PID) ? getpid() : 0;
 	l = snprintf(buf, sizeof buf, "<%d>%s %n%s%s%.0d%s: ",