github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-04-11 06:23:50 +00:00
Code Issues Projects Releases Wiki Activity

fix(userspace): replace gmtime/localtime with reentrant variants

Browse Source 
gmtime() and localtime() return pointers to a shared static buffer,
making them unsafe in multi-threaded contexts. Replace all call sites
with gmtime_r() and localtime_r() which use caller-provided buffers.

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
This commit is contained in:
Leonardo Grasso
2026-04-09 11:35:37 +02:00
parent 1d73b2f0a9
commit 5e91db569a
3 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
userspace/engine/formats.cpp
View File

@@ -98,7 +98,9 @@ std::string falco_formats::format_event(sinsp_evt *evt,
char time_ns[12]; // sizeof ".sssssssssZ"
std::string iso8601evttime;
strftime(time_sec, sizeof(time_sec), "%FT%T", gmtime(&evttime));
struct tm tm_buf;
gmtime_r(&evttime, &tm_buf);
strftime(time_sec, sizeof(time_sec), "%FT%T", &tm_buf);
snprintf(time_ns, sizeof(time_ns), ".%09luZ", evt->get_ts() % 1000000000);
iso8601evttime = time_sec;
iso8601evttime += time_ns;

10
userspace/engine/logger.cpp
View File

@@ -122,14 +122,16 @@ void falco_logger::log(falco_logger::level priority, const std::string&& msg) {
std::time_t result = std::time(nullptr);
if(falco_logger::time_format_iso_8601) {
char buf[sizeof "YYYY-MM-DDTHH:MM:SS-0000"];
const struct tm* gtm = std::gmtime(&result);
if(gtm != NULL && (strftime(buf, sizeof(buf), "%FT%T%z", gtm) != 0)) {
struct tm gtm;
if(gmtime_r(&result, &gtm) != NULL &&
(strftime(buf, sizeof(buf), "%FT%T%z", &gtm) != 0)) {
fprintf(stderr, "%s: %s", buf, copy.c_str());
}
} else {
const struct tm* ltm = std::localtime(&result);
struct tm ltm;
localtime_r(&result, &ltm);
char tstr[std::size("WWW MMM DD HH:mm:ss YYYY")];
std::strftime(std::data(tstr), std::size(tstr), "%a %b %d %H:%M:%S %Y", ltm);
std::strftime(std::data(tstr), std::size(tstr), "%a %b %d %H:%M:%S %Y", &ltm);
fprintf(stderr, "%s: %s", tstr, copy.c_str());
}
}

4
userspace/falco/falco_outputs.cpp
View File

@@ -181,7 +181,9 @@ void falco_outputs::handle_msg(uint64_t ts,
char time_ns[12]; // sizeof ".sssssssssZ"
std::string iso8601evttime;
strftime(time_sec, sizeof(time_sec), "%FT%T", gmtime(&evttime));
struct tm tm_buf;
gmtime_r(&evttime, &tm_buf);
strftime(time_sec, sizeof(time_sec), "%FT%T", &tm_buf);
snprintf(time_ns, sizeof(time_ns), ".%09luZ", ts % 1000000000);
iso8601evttime = time_sec;
iso8601evttime += time_ns;