From b6de5ac9ed421362f479d1ad4fa433d2e25dad5b Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 21 Nov 2014 01:00:38 +0000
Subject: upstream commit

fix NULL pointer dereference crash on invalid timestamp

found using Michal Zalewski's afl fuzzer
---
 krl.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/krl.c b/krl.c
index 832ac8b0a..e56f884f6 100644
--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.18 2014/11/17 00:21:40 djm Exp $ */
+/* $OpenBSD: krl.c,v 1.19 2014/11/21 01:00:38 djm Exp $ */
 
 #include "includes.h"
 
@@ -747,8 +747,12 @@ format_timestamp(u_int64_t timestamp, char *ts, size_t nts)
 
 	t = timestamp;
 	tm = localtime(&t);
-	*ts = '\0';
-	strftime(ts, nts, "%Y%m%dT%H%M%S", tm);
+	if (tm == NULL)
+		strlcpy(ts, "<INVALID>", sizeof(nts));
+	else {
+		*ts = '\0';
+		strftime(ts, nts, "%Y%m%dT%H%M%S", tm);
+	}
 }
 
 static int
-- 
cgit v1.2.3