Commit 269c0717 authored by Mark Andrews's avatar Mark Andrews

3295. [bug] Adjust isc_time_secondsastimet range check to be more

                        portable. [RT # 26542]
parent 962bf88e
3295. [bug] Adjust isc_time_secondsastimet range check to be more
portable. [RT # 26542]
3294. [bug] isccc/cc.c:table_fromwire failed to free alist on
error. [RT #28265]
......
......@@ -334,7 +334,6 @@ isc_time_seconds(const isc_time_t *t) {
isc_result_t
isc_time_secondsastimet(const isc_time_t *t, time_t *secondsp) {
isc_uint64_t i;
time_t seconds;
REQUIRE(t != NULL);
......@@ -354,33 +353,16 @@ isc_time_secondsastimet(const isc_time_t *t, time_t *secondsp) {
* pretty much only true if time_t is a signed integer of the same
* size as the return value of isc_time_seconds.
*
* The use of the 64 bit integer ``i'' takes advantage of C's
* conversion rules to either zero fill or sign extend the widened
* type.
*
* Solaris 5.6 gives this warning about the left shift:
* warning: integer overflow detected: op "<<"
* if the U(nsigned) qualifier is not on the 1.
* If the paradox in the if clause below is true, t->seconds is out
* of range for time_t.
*/
seconds = (time_t)t->seconds;
INSIST(sizeof(unsigned int) == sizeof(isc_uint32_t));
INSIST(sizeof(time_t) >= sizeof(isc_uint32_t));
if (sizeof(time_t) == sizeof(isc_uint32_t) && /* Same size. */
(time_t)0.5 != 0.5 && /* Not a floating point type. */
(i = (time_t)-1) != 4294967295u && /* Is signed. */
(seconds &
(1U << (sizeof(time_t) * CHAR_BIT - 1))) != 0U) { /* Negative. */
/*
* This UNUSED() is here to shut up the IRIX compiler:
* variable "i" was set but never used
* when the value of i *was* used in the third test.
* (Let's hope the compiler got the actual test right.)
*/
UNUSED(i);
if (t->seconds > (~0U>>1) && seconds <= (time_t)(~0U>>1))
return (ISC_R_RANGE);
}
*secondsp = seconds;
......
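Review bot: The range test that appears to be the new side of the second hunk, `if (t->seconds > (~0U>>1) && seconds <= (time_t)(~0U>>1))`, runs after `seconds = (time_t)t->seconds`, so it only fires if an out-of-range conversion to a signed 32-bit time_t wraps to a value at or below INT_MAX, and C leaves that conversion implementation-defined. The rendered page has lost its +/- markers, so which lines survive is inferred from the hunk counts (33 old, 16 new). I would put a short comment above the test stating the assumption, e.g. `/* Relies on the (time_t) conversion wrapping when time_t is a signed 32-bit type. */`, and replace the bare `(~0U>>1)` with a named constant so the 32-bit bound is visible. Only `REQUIRE(t != NULL)` is visible before `*secondsp = seconds;`, and part of the function body lies between the two hunks, so confirm there that `secondsp` is checked too, or add `REQUIRE(secondsp != NULL);`.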