189. [func] isc_time_secondsastimet(), a new function, will ensure
that the number of seconds in an isc_time_t does not exceed the range of a time_t, or return ISC_R_RANGE. Similarly, isc_time_now(), isc_time_nowplusinterval(), isc_time_add() and isc_time_subtract() now check the range for overflow/underflow. In the case of isc_time_subtract, this changed a calling requirement (ie, something that could generate an assertion) into merely a condition that returns an error result. isc_time_add() and isc_time_subtract() were void- valued before but now return isc_result_t. The seconds member isc_time_t on Unix platforms was changed from time_t to unsigned int. unix/time.c now uses macros for nanoseconds per second, nanoseconds per microsecond and microseconds per second to make sure that the right number of zeros appears each place the constant is used. unix/time.c functions which take initialized isc_(interval|time)_t arguments INSIST() that the nanoseconds value is less than one full second. unix/time.c's isc_time_microdiff was broken because it did multiplication and addition with unsigned integers and attempted to set them a 64 bit int to avoid overflow, but C's ints don't promote to 64 bits on machines that only have 32 bit longs. Fixed. Added all the pertinent documentation to time.h.
Showing with 351 additions and 52 deletions