You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In _WIN32 builds, TIME_MAX needs to be INT32_MAX.
Also fix UB overflow, and useless check in BSD's strptime:
(time_t_value * 10) <= TIME_MAX
is always true since time_t is signed, and TIME_MAX is its maximum
value.
And, if it is not optimised out, it causes a signed integer overflow
for input that start with a sequence of characters between
"922337203685477581" and "999999999999999999" (inclusive, 64-bit time_t)
that is unspecified in standard C.
Also, since the check does not do what it is supposed to do, even if we
assume that signed integer overflow is defined like for unsigned
integers, on builds where time_t is int32_t, and TIME_MAX is INT32_MAX,
this will cause strptime("%s") to accept 99999999999 as a valid
timestamp, equivalent to 1215752191 (Fri 11 Jul 04:56:31 UTC 2008)
instead of rejecting it.
This works because floor(log10(UINT32_MAX)) == floor(log10(INT32_MAX))
in 32-bit.
Noticed thanks to a compiler warning in the windows build CI.
0 commit comments