--- a/ChangeLog	Tue May 24 13:44:41 2011 +0200
+++ b/ChangeLog	Tue May 24 18:24:24 2011 +0200
@@ -1,5 +1,13 @@
 2011-05-24  Jim Meyering  <meyering@redhat.com>
 
+	utimensat: do not reference an out-of-scope buffer
+	Otherwise, with __linux__ defined, "times" would point to a buffer, "ts"
+	declared in an inner scope, yet "times" would be dereferenced outside
+	the scope in which "ts" was valid.
+	* lib/utimensat.c (rpl_utimensat) [__linux__]: Move the declaration
+	of ts[2] "out/up", so that the use of aliased "times" (via "times = ts;")
+	does not end up referencing an out-of-scope "ts"
+
 	opendir-safer.c: don't clobber errno; don't close negative FD
 	* lib/opendir-safer.c (opendir_safer):
 	[HAVE_FDOPENDIR || GNULIB_FDOPENDIR]: Don't close a negative

--- a/lib/utimensat.c	Tue May 24 13:44:41 2011 +0200
+++ b/lib/utimensat.c	Tue May 24 18:24:24 2011 +0200
@@ -48,6 +48,10 @@
 rpl_utimensat (int fd, char const *file, struct timespec const times[2],
                int flag)
 {
+# ifdef __linux__
+  struct timespec ts[2];
+# endif
+
   /* See comments in utimens.c for details.  */
   static int utimensat_works_really; /* 0 = unknown, 1 = yes, -1 = no.  */
   if (0 <= utimensat_works_really)
@@ -55,7 +59,6 @@
       int result;
 # ifdef __linux__
       struct stat st;
-      struct timespec ts[2];
       /* As recently as Linux kernel 2.6.32 (Dec 2009), several file
          systems (xfs, ntfs-3g) have bugs with a single UTIME_OMIT,
          but work if both times are either explicitly specified or