[tz] [PROPOSED PATCH 5/5] Minor library fixes for signed integer overflow.
Paul Eggert
eggert at cs.ucla.edu
Tue Aug 19 19:52:42 UTC 2014
* localtime.c (localsub, time2sub): Don't assume that signed
integer overflow wraps around.
---
localtime.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/localtime.c b/localtime.c
index 197fa28..8ee4bbd 100644
--- a/localtime.c
+++ b/localtime.c
@@ -1298,15 +1298,15 @@ localsub(const time_t *const timep, const int_fast32_t offset,
return NULL; /* "cannot happen" */
result = localsub(&newt, offset, tmp);
if (result == tmp) {
- register time_t newy;
+ register int_fast64_t newy;
newy = tmp->tm_year;
if (t < sp->ats[0])
newy -= years;
else newy += years;
- tmp->tm_year = newy;
- if (tmp->tm_year != newy)
+ if (! (INT_MIN <= newy && newy <= INT_MAX))
return NULL;
+ tmp->tm_year = newy;
}
return result;
}
@@ -1763,9 +1763,9 @@ time2sub(struct tm *const tmp,
}
if (increment_overflow32(&y, -TM_YEAR_BASE))
return WRONG;
- yourtm.tm_year = y;
- if (yourtm.tm_year != y)
+ if (! (INT_MIN <= y && y <= INT_MAX))
return WRONG;
+ yourtm.tm_year = y;
if (yourtm.tm_sec >= 0 && yourtm.tm_sec < SECSPERMIN)
saved_seconds = 0;
else if (y + TM_YEAR_BASE < EPOCH_YEAR) {
--
1.9.1
More information about the tz
mailing list