July 27, 2006
5:55 p.m.
While experimenting with 'localhost.c' I discovered a bug in 'localtime.c' in 'tzload()'. The last few lines setup two flags 'goback' and 'goahead'. This code executes some invalid negative-offset array dereferences when the number of points in the array is too small. RHEL4.3 (CentOS 4.3) has zone files with fewer than 800 years in them and provokes this. I believe the attached patch corrects the problem. However I don't understand the purpose of the code and may have got it wrong. Please CC my e-mail with any replies as I'm not on the mailing list. Regards, David Lawless