summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/basic/calendarspec.c11
-rw-r--r--src/basic/time-util.c32
-rw-r--r--src/basic/time-util.h11
-rw-r--r--src/cgls/cgls.c2
-rw-r--r--src/nspawn/nspawn.c13
-rw-r--r--src/shared/logs-show.c5
-rw-r--r--src/test/test-date.c10
-rw-r--r--src/test/test-time.c28
8 files changed, 89 insertions, 23 deletions
diff --git a/src/basic/calendarspec.c b/src/basic/calendarspec.c
index 2e5622699d..3fa1c51ace 100644
--- a/src/basic/calendarspec.c
+++ b/src/basic/calendarspec.c
@@ -1020,7 +1020,7 @@ static int find_end_of_month(struct tm *tm, bool utc, int day) {
t.tm_mon++;
t.tm_mday = 1 - day;
- if (mktime_or_timegm(&t, utc) == (time_t) -1 ||
+ if (mktime_or_timegm(&t, utc) < 0 ||
t.tm_mon != tm->tm_mon)
return -1;
@@ -1086,7 +1086,7 @@ static bool tm_out_of_bounds(const struct tm *tm, bool utc) {
t = *tm;
- if (mktime_or_timegm(&t, utc) == (time_t) -1)
+ if (mktime_or_timegm(&t, utc) < 0)
return true;
/*
@@ -1115,7 +1115,7 @@ static bool matches_weekday(int weekdays_bits, const struct tm *tm, bool utc) {
return true;
t = *tm;
- if (mktime_or_timegm(&t, utc) == (time_t) -1)
+ if (mktime_or_timegm(&t, utc) < 0)
return false;
k = t.tm_wday == 0 ? 6 : t.tm_wday - 1;
@@ -1228,6 +1228,9 @@ int calendar_spec_next_usec(const CalendarSpec *spec, usec_t usec, usec_t *next)
assert(spec);
assert(next);
+ if (usec > USEC_TIMESTAMP_FORMATTABLE_MAX)
+ return -EINVAL;
+
usec++;
t = (time_t) (usec / USEC_PER_SEC);
assert_se(localtime_or_gmtime_r(&t, &tm, spec->utc));
@@ -1238,7 +1241,7 @@ int calendar_spec_next_usec(const CalendarSpec *spec, usec_t usec, usec_t *next)
return r;
t = mktime_or_timegm(&tm, spec->utc);
- if (t == (time_t) -1)
+ if (t < 0)
return -EINVAL;
*next = (usec_t) t * USEC_PER_SEC + tm_usec;
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
index 1310c76336..4ced1bc6a1 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -185,7 +185,7 @@ usec_t triple_timestamp_by_clock(triple_timestamp *ts, clockid_t clock) {
usec_t timespec_load(const struct timespec *ts) {
assert(ts);
- if (ts->tv_sec == (time_t) -1 && ts->tv_nsec == (long) -1)
+ if (ts->tv_sec < 0 || ts->tv_nsec < 0)
return USEC_INFINITY;
if ((usec_t) ts->tv_sec > (UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / USEC_PER_SEC)
@@ -199,7 +199,7 @@ usec_t timespec_load(const struct timespec *ts) {
nsec_t timespec_load_nsec(const struct timespec *ts) {
assert(ts);
- if (ts->tv_sec == (time_t) -1 && ts->tv_nsec == (long) -1)
+ if (ts->tv_sec < 0 || ts->tv_nsec < 0)
return NSEC_INFINITY;
if ((nsec_t) ts->tv_sec >= (UINT64_MAX - ts->tv_nsec) / NSEC_PER_SEC)
@@ -211,7 +211,8 @@ nsec_t timespec_load_nsec(const struct timespec *ts) {
struct timespec *timespec_store(struct timespec *ts, usec_t u) {
assert(ts);
- if (u == USEC_INFINITY) {
+ if (u == USEC_INFINITY ||
+ u / USEC_INFINITY >= TIME_T_MAX) {
ts->tv_sec = (time_t) -1;
ts->tv_nsec = (long) -1;
return ts;
@@ -226,8 +227,7 @@ struct timespec *timespec_store(struct timespec *ts, usec_t u) {
usec_t timeval_load(const struct timeval *tv) {
assert(tv);
- if (tv->tv_sec == (time_t) -1 &&
- tv->tv_usec == (suseconds_t) -1)
+ if (tv->tv_sec < 0 || tv->tv_usec < 0)
return USEC_INFINITY;
if ((usec_t) tv->tv_sec > (UINT64_MAX - tv->tv_usec) / USEC_PER_SEC)
@@ -241,7 +241,8 @@ usec_t timeval_load(const struct timeval *tv) {
struct timeval *timeval_store(struct timeval *tv, usec_t u) {
assert(tv);
- if (u == USEC_INFINITY) {
+ if (u == USEC_INFINITY||
+ u / USEC_PER_SEC > TIME_T_MAX) {
tv->tv_sec = (time_t) -1;
tv->tv_usec = (suseconds_t) -1;
} else {
@@ -288,9 +289,11 @@ static char *format_timestamp_internal(
if (t <= 0 || t == USEC_INFINITY)
return NULL; /* Timestamp is unset */
+ /* Let's not format times with years > 9999 */
+ if (t > USEC_TIMESTAMP_FORMATTABLE_MAX)
+ return NULL;
+
sec = (time_t) (t / USEC_PER_SEC); /* Round down */
- if ((usec_t) sec != (t / USEC_PER_SEC))
- return NULL; /* overflow? */
if (!localtime_or_gmtime_r(&sec, &tm, utc))
return NULL;
@@ -551,12 +554,12 @@ void dual_timestamp_serialize(FILE *f, const char *name, dual_timestamp *t) {
}
int dual_timestamp_deserialize(const char *value, dual_timestamp *t) {
- unsigned long long a, b;
+ uint64_t a, b;
assert(value);
assert(t);
- if (sscanf(value, "%llu %llu", &a, &b) != 2) {
+ if (sscanf(value, "%" PRIu64 "%" PRIu64, &a, &b) != 2) {
log_debug("Failed to parse dual timestamp value \"%s\": %m", value);
return -EINVAL;
}
@@ -830,16 +833,23 @@ parse_usec:
from_tm:
x = mktime_or_timegm(&tm, utc);
- if (x == (time_t) -1)
+ if (x < 0)
return -EINVAL;
if (weekday >= 0 && tm.tm_wday != weekday)
return -EINVAL;
ret = (usec_t) x * USEC_PER_SEC + x_usec;
+ if (ret > USEC_TIMESTAMP_FORMATTABLE_MAX)
+ return -EINVAL;
finish:
+ if (ret + plus < ret) /* overflow? */
+ return -EINVAL;
ret += plus;
+ if (ret > USEC_TIMESTAMP_FORMATTABLE_MAX)
+ return -EINVAL;
+
if (ret > minus)
ret -= minus;
else
diff --git a/src/basic/time-util.h b/src/basic/time-util.h
index f67a4474ed..7463507f51 100644
--- a/src/basic/time-util.h
+++ b/src/basic/time-util.h
@@ -181,3 +181,14 @@ static inline usec_t usec_sub(usec_t timestamp, int64_t delta) {
return timestamp - delta;
}
+
+#if SIZEOF_TIME_T == 8
+/* The last second we can format is 31. Dec 9999, 1s before midnight, because otherwise we'd enter 5 digit year
+ * territory. However, since we want to stay away from this in all timezones we take one day off. */
+#define USEC_TIMESTAMP_FORMATTABLE_MAX ((usec_t) 253402214399000000)
+#elif SIZEOF_TIME_T == 4
+/* With a 32bit time_t we can't go beyond 2038... */
+#define USEC_TIMESTAMP_FORMATTABLE_MAX ((usec_t) 2147483647000000)
+#else
+#error "Yuck, time_t is neither 4 not 8 bytes wide?"
+#endif
diff --git a/src/cgls/cgls.c b/src/cgls/cgls.c
index 82b4d9ccb3..ea79b9185e 100644
--- a/src/cgls/cgls.c
+++ b/src/cgls/cgls.c
@@ -149,7 +149,7 @@ static int parse_argv(int argc, char *argv[]) {
}
if (arg_machine && arg_show_unit != SHOW_UNIT_NONE) {
- log_error("Cannot combine --unit or --user-unit with --machine.");
+ log_error("Cannot combine --unit or --user-unit with --machine=.");
return -EINVAL;
}
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 0474f61d43..5594b87efa 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -2317,14 +2317,16 @@ static int inner_child(
memcpy_safe(a + 1, arg_parameters, m * sizeof(char*));
a[1 + m] = NULL;
- exec_target = a[0] = (char*) "/usr/lib/systemd/systemd";
+ a[0] = (char*) "/usr/lib/systemd/systemd";
execve(a[0], a, env_use);
- exec_target = a[0] = (char*) "/lib/systemd/systemd";
+ a[0] = (char*) "/lib/systemd/systemd";
execve(a[0], a, env_use);
- exec_target = a[0] = (char*) "/sbin/init";
+ a[0] = (char*) "/sbin/init";
execve(a[0], a, env_use);
+
+ exec_target = "/usr/lib/systemd/systemd, /lib/systemd/systemd, /sbin/init";
} else if (!strv_isempty(arg_parameters)) {
exec_target = arg_parameters[0];
execvpe(arg_parameters[0], arg_parameters, env_use);
@@ -2333,11 +2335,10 @@ static int inner_child(
/* If we cannot change the directory, we'll end up in /, that is expected. */
(void) chdir(home ?: "/root");
- exec_target = "/bin/bash";
execle("/bin/bash", "-bash", NULL, env_use);
-
- exec_target = "/bin/sh";
execle("/bin/sh", "-sh", NULL, env_use);
+
+ exec_target = "/bin/bash, /bin/sh";
}
r = -errno;
diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
index 75ea25c8ac..72c43e80cb 100644
--- a/src/shared/logs-show.c
+++ b/src/shared/logs-show.c
@@ -246,6 +246,11 @@ static int output_timestamp_realtime(FILE *f, sd_journal *j, OutputMode mode, Ou
if (r < 0)
return log_error_errno(r, "Failed to get realtime timestamp: %m");
+ if (x > USEC_TIMESTAMP_FORMATTABLE_MAX) {
+ log_error("Timestamp cannot be printed");
+ return -EINVAL;
+ }
+
if (mode == OUTPUT_SHORT_FULL) {
const char *k;
diff --git a/src/test/test-date.c b/src/test/test-date.c
index a8d3f1e083..b77598c81d 100644
--- a/src/test/test-date.c
+++ b/src/test/test-date.c
@@ -95,6 +95,16 @@ int main(int argc, char *argv[]) {
test_one_noutc("@1395716396");
test_should_parse("today UTC");
test_should_fail("today UTC UTC");
+ test_should_parse("1970-1-1 UTC");
+ test_should_fail("1969-1-1 UTC");
+#if SIZEOF_TIME_T == 8
+ test_should_parse("9999-12-30 23:59:59 UTC");
+ test_should_fail("9999-12-31 00:00:00 UTC");
+ test_should_fail("10000-01-01 00:00:00 UTC");
+#elif SIZEOF_TIME_T == 4
+ test_should_parse("2038-01-19 03:14:07 UTC");
+ test_should_fail( "2038-01-19 03:14:08 UTC");
+#endif
return 0;
}
diff --git a/src/test/test-time.c b/src/test/test-time.c
index 8259491813..911282bf0c 100644
--- a/src/test/test-time.c
+++ b/src/test/test-time.c
@@ -17,9 +17,10 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+#include "random-util.h"
+#include "string-util.h"
#include "strv.h"
#include "time-util.h"
-#include "random-util.h"
static void test_parse_sec(void) {
usec_t u;
@@ -248,6 +249,30 @@ static void test_format_timestamp(void) {
}
}
+static void test_format_timestamp_utc_one(usec_t t, const char *result) {
+ char buf[FORMAT_TIMESTAMP_MAX];
+
+ assert_se(!format_timestamp_utc(buf, sizeof(buf), t) == !result);
+
+ if (result)
+ assert_se(streq(result, buf));
+}
+
+static void test_format_timestamp_utc(void) {
+ test_format_timestamp_utc_one(0, NULL);
+ test_format_timestamp_utc_one(1, "Thu 1970-01-01 00:00:00 UTC");
+ test_format_timestamp_utc_one(USEC_PER_SEC, "Thu 1970-01-01 00:00:01 UTC");
+
+#if SIZEOF_TIME_T == 8
+ test_format_timestamp_utc_one(USEC_TIMESTAMP_FORMATTABLE_MAX, "Thu 9999-12-30 23:59:59 UTC");
+#elif SIZEOF_TIME_T == 4
+ test_format_timestamp_utc_one(USEC_TIMESTAMP_FORMATTABLE_MAX, "Tue 2038-01-19 03:14:07 UTC");
+#endif
+
+ test_format_timestamp_utc_one(USEC_TIMESTAMP_FORMATTABLE_MAX+1, NULL);
+ test_format_timestamp_utc_one(USEC_INFINITY, NULL);
+}
+
int main(int argc, char *argv[]) {
uintmax_t x;
@@ -262,6 +287,7 @@ int main(int argc, char *argv[]) {
test_usec_add();
test_usec_sub();
test_format_timestamp();
+ test_format_timestamp_utc();
/* Ensure time_t is signed */
assert_cc((time_t) -1 < (time_t) 1);