Re: proposed time zone package changes (revised)
Here are the proposed changes, revised to incorporate KRE's suggestion on how to handle NULLs passed to asctime_r. --ado ------- asctime.c ------- *** /tmp/geta27327 Sat Feb 6 14:46:35 2010 --- /tmp/getb27327 Sat Feb 6 14:46:35 2010 *************** *** 11,17 **** #ifndef lint #ifndef NOID ! static char elsieid[] = "@(#)asctime.c 8.2"; #endif /* !defined NOID */ #endif /* !defined lint */ --- 11,17 ---- #ifndef lint #ifndef NOID ! static char elsieid[] = "@(#)asctime.c 8.4"; #endif /* !defined NOID */ #endif /* !defined lint */ *************** *** 91,96 **** --- 91,101 ---- char year[INT_STRLEN_MAXIMUM(int) + 2]; char result[MAX_ASCTIME_BUF_SIZE]; + if (timeptr == NULL) { + errno = EINVAL; + (void) strcpy(buf, "??? ??? ?? ??:??:?? ????\n"); + return buf; + } if (timeptr->tm_wday < 0 || timeptr->tm_wday >= DAYSPERWEEK) wn = "???"; else wn = wday_name[timeptr->tm_wday]; ------- localtime.c ------- *** /tmp/geta27345 Sat Feb 6 14:46:35 2010 --- /tmp/getb27345 Sat Feb 6 14:46:35 2010 *************** *** 5,11 **** #ifndef lint #ifndef NOID ! static char elsieid[] = "@(#)localtime.c 8.9"; #endif /* !defined NOID */ #endif /* !defined lint */ --- 5,11 ---- #ifndef lint #ifndef NOID ! static char elsieid[] = "@(#)localtime.c 8.10"; #endif /* !defined NOID */ #endif /* !defined lint */ *************** *** 1889,1894 **** --- 1889,1898 ---- int types[TZ_MAX_TYPES]; int okay; + if (tmp == NULL) { + errno = EINVAL; + return WRONG; + } if (tmp->tm_isdst > 1) tmp->tm_isdst = 1; t = time2(tmp, funcp, offset, &okay); *************** *** 1960,1966 **** timelocal(tmp) struct tm * const tmp; { ! tmp->tm_isdst = -1; /* in case it wasn't initialized */ return mktime(tmp); } --- 1964,1971 ---- timelocal(tmp) struct tm * const tmp; { ! if (tmp != NULL) ! tmp->tm_isdst = -1; /* in case it wasn't initialized */ return mktime(tmp); } *************** *** 1968,1974 **** timegm(tmp) struct tm * const tmp; { ! tmp->tm_isdst = 0; return time1(tmp, gmtsub, 0L); } --- 1973,1980 ---- timegm(tmp) struct tm * const tmp; { ! if (tmp != NULL) ! tmp->tm_isdst = 0; return time1(tmp, gmtsub, 0L); } *************** *** 1977,1983 **** struct tm * const tmp; const long offset; { ! tmp->tm_isdst = 0; return time1(tmp, gmtsub, offset); } --- 1983,1990 ---- struct tm * const tmp; const long offset; { ! if (tmp != NULL) ! tmp->tm_isdst = 0; return time1(tmp, gmtsub, offset); }
On Sat, Feb 6, 2010 at 11:49 AM, Arthur David Olson < olsona@elsie.nci.nih.gov> wrote:
Here are the proposed changes, revised to incorporate KRE's suggestion on how to handle NULLs passed to asctime_r.
--ado
------- asctime.c ------- *** /tmp/geta27327 Sat Feb 6 14:46:35 2010 --- /tmp/getb27327 Sat Feb 6 14:46:35 2010 [...]
*************** *** 91,96 **** --- 91,101 ---- char year[INT_STRLEN_MAXIMUM(int) + 2]; char result[MAX_ASCTIME_BUF_SIZE];
+ if (timeptr == NULL) { + errno = EINVAL; + (void) strcpy(buf, "??? ??? ?? ??:??:?? ????\n"); + return buf; + } if (timeptr->tm_wday < 0 || timeptr->tm_wday >= DAYSPERWEEK) wn = "???"; else wn = wday_name[timeptr->tm_wday];
You could avoid the cast by using: return strcpy(buf, "??? ??? ?? ??:??:?? ????\n"); This is one of the few occasions when the return value from strcpy() actually is useful. (So often, it would be more useful if it returned a pointer to the NUL '\0' at the end of the string.) -- Jonathan Leffler <jonathan.leffler@gmail.com> #include <disclaimer.h> Guardian of DBD::Informix - v2008.0513 - http://dbi.perl.org "Blessed are we who can laugh at ourselves, for we shall never cease to be amused."
Jonathan Leffler <jonathan.leffler <at> gmail.com> writes:
You could avoid the cast by using: return strcpy(buf, "??? ??? ?? ??:??:?? ????\n");This is one of the few occasions when the return value from strcpy() actually is useful. (So often, it would be more useful if it returned a pointer to the NUL '\0' at the end of the string.)
I have a hard time finding a gcc option to enable these "returned value not used" warnings which would need this cast... :-) Edwin
On Sat, Feb 6, 2010 at 2:25 PM, Edwin Groothuis <edwin@mavetju.org> wrote:
Jonathan Leffler <jonathan.leffler <at> gmail.com> writes:
You could avoid the cast by using: return strcpy(buf, "??? ??? ?? ??:??:?? ????\n");This is one of the few occasions when the return value from strcpy() actually is useful.
I have a hard time finding a gcc option to enable these "returned value not used" warnings which would need this cast... :-)
There are other tools than GCC for measuring the 'quality' of code - and some of them get antsy (or, more accurately, used to get antsy) about not using the values returned by a function, the obvious example being 'lint'. On the whole, GCC does a good job of not whingeing when it isn't necessary; not all analysis programs have such good heuristics. I seldom use 'lint' these days (as in, I'm not sure when I did last use it). I had to check whether it was available on MacOS X and to my not very big surprise, it is not, but it tends to be available on the classic versions of Unix derived from AT&T System V. -- Jonathan Leffler <jonathan.leffler@gmail.com> #include <disclaimer.h> Guardian of DBD::Informix - v2008.0513 - http://dbi.perl.org "Blessed are we who can laugh at ourselves, for we shall never cease to be amused."
participants (3)
-
Arthur David Olson -
Edwin Groothuis -
Jonathan Leffler