asctime.c

Olson, Arthur David (NIH/NCI) olsona at dc37a.nci.nih.gov
Tue Jul 27 17:17:35 UTC 2004


From: Robert Elz [mailto:kre at munnari.OZ.AU] 
Sent: Tuesday, July 27, 2004 11:49 AM
To: Olson, Arthur David (NIH/NCI)
Cc: Tz
Subject: Re: asctime.c 

...
  | 	/*
  | 	** Big enough for something such as
  | 	** ??? ???-2147483648 -2147483648:-2147483648:-2147483648
  | -2147483648\n
  | 	** (two three-character abbreviations, five strings denoting
  | integers,
  | 	** three explicit spaces, two explicit colons, a newline,
  | 	** and a trailing ASCII nul).
  | 	*/
  | 	char			result[2 * 3 + 5 * INT_STRLEN_MAXIMUM(int) +
  | 					3 + 2 + 1 + 1];

> That buffer is big enough for that string, but are we sure that string
> is the longest that can ever happen?   The year is after all printed
> using %ld - so there must at least be the potential for that one to be a
long, which might be -9223372036854775808.
> Beyond that, C doesn't actually promise that "int" is limited to 32
> bits does it?   Given that, the 2147483648 numbers are just speculation.

We're using "INT_STRLEN_MAXIMUM(int)" to figure out how long the output for
an integer value might be.
The macro figures out the length based on "sizeof int", so even if an int is
more than 32 bits things will come out right.

While we're using a %ld format to print out out the year, what we're
printing is the sum of an int (tm_year) and 1900 (TM_YEAR_BASE), so we know
the result is int sized.

				--ado



More information about the tz mailing list