[PROPOSED] Avoid time_t + int overflow
* localtime.c (increment_overflow_time_int): New function. (time2sub): Use it (instead of relying on possibly-undefined behavior) to check for time_t + int overflow.
---
 localtime.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/localtime.c b/localtime.c
index 07ce41b8..14c356e1 100644
--- a/localtime.c
+++ b/localtime.c
@@ -1882,6 +1882,21 @@ increment_overflow_iinntt(iinntt *lp, int m)
 #endif
 }
 
+static bool
+increment_overflow_time_int(time_t *tp, int j)
+{
+#ifdef ckd_add
+ return ckd_add(tp, *tp, j);
+#else
+ if (j < 0
+ ? (TYPE_SIGNED(time_t) ? *tp < TIME_T_MIN - j : *tp <= -1 - j)
+ : TIME_T_MAX - j < *tp)
+ return true;
+ *tp += j;
+ return false;
+#endif
+}
+
 static bool
 increment_overflow_time(time_t *tp, int_fast32_t j)
 {
@@ -2155,10 +2170,8 @@ time2sub(struct tm *const tmp,
 return WRONG;
 }
 label:
- newt = t + saved_seconds;
- if ((newt < t) != (saved_seconds < 0))
+ if (increment_overflow_time_int(&t, saved_seconds))
 return WRONG;
- t = newt;
 if (funcp(sp, &t, offset, tmp))
 *okayp = true;
 return t;
-- 
2.47.0
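Review bot: increment_overflow_time_int is added without a comment stating its contract, and the hunk does not explain why the adjacent increment_overflow_time, which takes int_fast32_t, could not simply be called with the int argument (presumably because int is not guaranteed to fit in int_fast32_t on every platform tz supports, but that reasoning belongs in the code). A header comment such as `/* Add J to *TP, or return true leaving *TP unchanged if the sum would overflow.  Like increment_overflow_time, but J is an int. */` would cover both. The #else branch itself looks sound: each bound is computed by a subtraction that cannot overflow for the sign of j being tested, and `*tp += j` runs only after the check passes (for unsigned time_t with negative j it relies on the defined modular conversion of j).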
Paul Eggert