From e915c32cc74671a03a4f656bdbbe9b8103a5ff19 Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Mon, 1 May 2023 09:04:15 -0700
Subject: mktime: prefer C23 style overflow checking
Prefer stdckdint.h macros to intprops.h macros where either will do,
as this is the C23 standard. Also, it ports around a pcc bug.
* config/srclist.txt: Comment out mktime.c.
* lib/mktime.c: Include stdckdint.h, not intprops.h.
(__mktime_internal): Prefer stdckdint.h to intprops.h macros.
* modules/mktime (Depends-on): Add stdckdint.
---
ChangeLog | 8 ++++++++
config/srclist.txt | 2 +-
lib/mktime.c | 12 ++++++------
modules/mktime | 1 +
4 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 8f03557265..0b8e61c123 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
2023-05-01 Paul Eggert
+ mktime: prefer C23 style overflow checking
+ Prefer stdckdint.h macros to intprops.h macros where either will do,
+ as this is the C23 standard. Also, it ports around a pcc bug.
+ * config/srclist.txt: Comment out mktime.c.
+ * lib/mktime.c: Include stdckdint.h, not intprops.h.
+ (__mktime_internal): Prefer stdckdint.h to intprops.h macros.
+ * modules/mktime (Depends-on): Add stdckdint.
+
limits-h: port to pcc
* doc/posix-headers/limits.texi: Document the issue.
* lib/limits.in.h (MB_LEN_MAX): New macro, if not already defined.
diff --git a/config/srclist.txt b/config/srclist.txt
index 1ff4e6ec8d..7003128058 100644
--- a/config/srclist.txt
+++ b/config/srclist.txt
@@ -73,7 +73,7 @@ $LIBCSRC posix/regex.h lib
#$LIBCSRC stdlib/canonicalize lib/canonicalize-lgpl.c
#$LIBCSRC sysdeps/generic/eloop-threshold.h lib
$LIBCSRC time/timegm.c lib
-$LIBCSRC time/mktime.c lib
+#$LIBCSRC time/mktime.c lib
$LIBCSRC time/mktime-internal.h lib
#
diff --git a/lib/mktime.c b/lib/mktime.c
index 94a4320e6c..9a37bb72f4 100644
--- a/lib/mktime.c
+++ b/lib/mktime.c
@@ -46,10 +46,10 @@
#include
#include
#include
+#include
#include
#include
-#include
#include
#ifndef NEED_MKTIME_INTERNAL
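Review bot: The entry disabled in config/srclist.txt (`#$LIBCSRC time/mktime.c lib`) carries no reason, so nothing in the file says when the comparison with the upstream copy should be switched back on. Once the line is commented out, later upstream changes to time/mktime.c, overflow fixes included, presumably stop being checked against lib/mktime.c. I would add a comment line directly above it, for example `# time/mktime.c: local copy uses stdckdint.h; re-enable once upstream does too` (the condition is my reading of the commit message, adjust as needed).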
@@ -379,7 +379,7 @@ __mktime_internal (struct tm *tp,
/* Invert CONVERT by probing. First assume the same offset as last time. */
- INT_SUBTRACT_WRAPV (0, off, &negative_offset_guess);
+ ckd_sub (&negative_offset_guess, 0, off);
long_int t0 = ydhms_diff (year, yday, hour, min, sec, EPOCH_YEAR - TM_YEAR_BASE, 0, 0, 0, negative_offset_guess);
@@ -465,7 +465,7 @@ __mktime_internal (struct tm *tp,
for (direction = -1; direction <= 1; direction += 2)
{
long_int ot;
- if (! INT_ADD_WRAPV (t, delta * direction, &ot))
+ if (! ckd_add (&ot, t, delta * direction))
{
struct tm otm;
if (! ranged_convert (convert, &ot, &otm))
@@ -503,8 +503,8 @@ __mktime_internal (struct tm *tp,
/* Set *OFFSET to the low-order bits of T - T0 - NEGATIVE_OFFSET_GUESS. This is just a heuristic to speed up the next mktime call, and correctness is unaffected if integer overflow occurs here. */
- INT_SUBTRACT_WRAPV (t, t0, offset);
- INT_SUBTRACT_WRAPV (*offset, negative_offset_guess, offset);
+ ckd_sub (offset, t, t0);
+ ckd_sub (offset, *offset, negative_offset_guess);
if (LEAP_SECONDS_POSSIBLE && sec_requested != tm.tm_sec)
{
@@ -513,7 +513,7 @@ __mktime_internal (struct tm *tp,
long_int sec_adjustment = sec == 0 && tm.tm_sec == 60;
sec_adjustment -= sec;
sec_adjustment += sec_requested;
- if (INT_ADD_WRAPV (t, sec_adjustment, &t)
+ if (ckd_add (&t, t, sec_adjustment)
|| ! (mktime_min <= t && t <= mktime_max))
{
__set_errno (EOVERFLOW);
diff --git a/modules/mktime b/modules/mktime
index b3ba650a93..e5c4c05687 100644
--- a/modules/mktime
+++ b/modules/mktime
@@ -13,6 +13,7 @@ multiarch
intprops [test $REPLACE_MKTIME = 1]
libc-config [test $REPLACE_MKTIME = 1]
stdbool [test $REPLACE_MKTIME = 1]
+stdckdint [test $REPLACE_MKTIME = 1]
time_r [test $REPLACE_MKTIME = 1]
verify [test $REPLACE_MKTIME = 1]
--
cgit v1.2.1
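Review bot: At `ckd_sub (&negative_offset_guess, 0, off);` in the @@ -379 hunk the overflow flag returned by ckd_sub is dropped with no explanation, unlike the two ckd_sub calls in the @@ -503 hunk, which sit under a comment saying overflow does not affect correctness there. Someone auditing this function for unchecked arithmetic cannot tell from the call whether a wrapped value is acceptable. If it is, say so next to the call, e.g. `/* Overflow is harmless here: this is only a first guess, and ckd_sub stores the wrapped result.  */`; if it is not, the return value should be tested. __mktime_internal starts and ends outside the hunk.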
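Review bot: In `ckd_add (&ot, t, delta * direction)` in the @@ -465 hunk only the addition is checked; the product `delta * direction` is evaluated in ordinary arithmetic before the macro sees it. The loop header shows direction is -1 or 1, so the product is safe only as long as delta can never be the minimum value of its type, and delta's declaration and bounds are outside the hunk. Either state that bound in a comment above the call, or avoid the multiplication: `if (! (direction < 0 ? ckd_sub (&ot, t, delta) : ckd_add (&ot, t, delta)))`.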
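Review bot: `intprops [test $REPLACE_MKTIME = 1]` stays in Depends-on in modules/mktime although the commit message says lib/mktime.c now includes stdckdint.h, not intprops.h. If no other file of the module still uses intprops.h macros, the entry is stale and should be removed in the same commit so the dependency list matches what the code includes. If something does still need it, a word in the commit message would settle the question; the rest of the module file is outside the hunk.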