From 01fdf6c4d379e185043385d091aa20d2aace0bd8 Mon Sep 17 00:00:00 2001 From: Kalle Olavi Niemitalo Date: Sat, 13 Jan 2007 15:26:21 +0200 Subject: [PATCH] Bug 923: Added comments about potential time_t truncation. And removed Miciah's portability question; MSVC++2005 already has a time_t longer than long, so assuming that time_t is long is surely not portable. --- src/cookies/dialogs.c | 2 ++ src/protocol/bittorrent/bencoding.c | 1 + src/protocol/ftp/parse.c | 1 + src/scripting/smjs/globhist.c | 1 + src/util/time.c | 4 ++++ src/util/time.h | 10 ++++++---- 6 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/cookies/dialogs.c b/src/cookies/dialogs.c index 3af9c3dc2..d80407b06 100644 --- a/src/cookies/dialogs.c +++ b/src/cookies/dialogs.c @@ -280,6 +280,7 @@ set_cookie_expires(struct dialog_data *dlg_data, struct widget_data *widget_data if (!value || !cookie) return EVENT_NOT_PROCESSED; + /* Bug 923: Assumes time_t values fit in long. */ errno = 0; number = strtol(value, (char **) &end, 10); if (errno || *end || number < 0) return EVENT_NOT_PROCESSED; @@ -335,6 +336,7 @@ build_edit_dialog(struct terminal *term, struct cookie *cookie) safe_strncpy(name, cookie->name, MAX_STR_LEN); safe_strncpy(value, cookie->value, MAX_STR_LEN); safe_strncpy(domain, cookie->domain, MAX_STR_LEN); + /* Bug 923: Assumes time_t values fit in unsigned long. */ ulongcat(expires, &length, cookie->expires, MAX_STR_LEN, 0); length = 0; ulongcat(secure, &length, cookie->secure, MAX_STR_LEN, 0); diff --git a/src/protocol/bittorrent/bencoding.c b/src/protocol/bittorrent/bencoding.c index 6a7d0aae4..237f3af7e 100644 --- a/src/protocol/bittorrent/bencoding.c +++ b/src/protocol/bittorrent/bencoding.c @@ -760,6 +760,7 @@ parse_bittorrent_metafile(struct bittorrent_meta *meta, struct string *metafile) break; case BENCODING_TOKEN_CREATION_DATE: + /* Bug 923: Assumes time_t values fit in off_t. */ meta->creation_date = (time_t) parse_bencoding_integer(value); skip_scanner_token(&scanner); break; diff --git a/src/protocol/ftp/parse.c b/src/protocol/ftp/parse.c index be4326e78..59b24e42d 100644 --- a/src/protocol/ftp/parse.c +++ b/src/protocol/ftp/parse.c @@ -109,6 +109,7 @@ parse_ftp_eplf_response(struct ftp_file_info *info, unsigned char *src, int len) case FTP_EPLF_MTIME: if (src >= pos) break; + /* Bug 923: Assumes time_t values cannot exceed LONG_MAX. */ info->mtime = (time_t) parse_ftp_number(&src, pos, 0, LONG_MAX); break; case FTP_EPLF_ID: diff --git a/src/scripting/smjs/globhist.c b/src/scripting/smjs/globhist.c index 6ea907d86..bcc4cad72 100644 --- a/src/scripting/smjs/globhist.c +++ b/src/scripting/smjs/globhist.c @@ -150,6 +150,7 @@ smjs_globhist_item_set_property(JSContext *ctx, JSObject *obj, jsval id, jsval * case GLOBHIST_LAST_VISIT: { uint32 seconds; + /* Bug 923: Assumes time_t values fit in uint32. */ JS_ValueToECMAUint32(smjs_ctx, *vp, &seconds); history_item->last_visit = seconds; diff --git a/src/util/time.c b/src/util/time.c index 8e0637ea3..19bd2cafa 100644 --- a/src/util/time.c +++ b/src/util/time.c @@ -134,6 +134,8 @@ timeval_from_milliseconds(timeval_T *t, milliseconds_T milliseconds) return t; } +/* Bug 923: Assumes time_t values fit in long. (This function is used + * for both timestamps and durations.) */ timeval_T * timeval_from_seconds(timeval_T *t, long seconds) { @@ -184,6 +186,8 @@ timeval_to_milliseconds(timeval_T *t) return add_ms_to_ms(a, b); } +/* Bug 923: Assumes time_t values fit in long. (This function is used + * for both timestamps and durations.) */ long timeval_to_seconds(timeval_T *t) { diff --git a/src/util/time.h b/src/util/time.h index 5ff636502..7d81a7757 100644 --- a/src/util/time.h +++ b/src/util/time.h @@ -16,18 +16,20 @@ typedef long milliseconds_T; #define ms_max(a, b) ((a) < (b) ? (b) : (a)) #define ms_min(a, b) ((a) < (b) ? (a) : (b)) -/* Is using atol() in this way acceptable? It seems - * non-portable to me; time_t might not be a long. -- Miciah */ +/* Bug 923: Assumes time_t values fit in long. */ #define str_to_time_t(s) ((time_t) atol(s)) /* When formatting time_t values to be parsed with str_to_time_t, * we first cast to time_print_T and then printf the result with - * TIME_PRINT_FORMAT. */ + * TIME_PRINT_FORMAT. + * Bug 923: Assumes time_t values fit in long. */ typedef long time_print_T; #define TIME_PRINT_FORMAT "ld" /* Redefine a timeval that has all fields signed so calculations * will be simplified on rare systems that define timeval with - * unsigned fields. */ + * unsigned fields. + * Bug 923: Assumes time_t values fit in long. (This structure is + * used for both timestamps and durations.) */ typedef struct { long sec; long usec; } timeval_T; timeval_T *timeval_from_milliseconds(timeval_T *t, milliseconds_T milliseconds);