diff options
Diffstat (limited to 'src/basic')
| -rw-r--r-- | src/basic/calendarspec.c | 3 | ||||
| -rw-r--r-- | src/basic/time-util.c | 11 | ||||
| -rw-r--r-- | src/basic/time-util.h | 11 |
3 files changed, 23 insertions, 2 deletions
diff --git a/src/basic/calendarspec.c b/src/basic/calendarspec.c index 35dfb6a3db..3fa1c51ace 100644 --- a/src/basic/calendarspec.c +++ b/src/basic/calendarspec.c @@ -1228,6 +1228,9 @@ int calendar_spec_next_usec(const CalendarSpec *spec, usec_t usec, usec_t *next) assert(spec); assert(next); + if (usec > USEC_TIMESTAMP_FORMATTABLE_MAX) + return -EINVAL; + usec++; t = (time_t) (usec / USEC_PER_SEC); assert_se(localtime_or_gmtime_r(&t, &tm, spec->utc)); diff --git a/src/basic/time-util.c b/src/basic/time-util.c index 2b44cdf0b1..eefbf90923 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c @@ -287,9 +287,11 @@ static char *format_timestamp_internal( if (t <= 0 || t == USEC_INFINITY) return NULL; /* Timestamp is unset */ + /* Let's not format times with years > 9999 */ + if (t > USEC_TIMESTAMP_FORMATTABLE_MAX) + return NULL; + sec = (time_t) (t / USEC_PER_SEC); /* Round down */ - if ((usec_t) sec != (t / USEC_PER_SEC)) - return NULL; /* overflow? */ if (!localtime_or_gmtime_r(&sec, &tm, utc)) return NULL; @@ -836,9 +838,14 @@ from_tm: return -EINVAL; ret = (usec_t) x * USEC_PER_SEC + x_usec; + if (ret > USEC_TIMESTAMP_FORMATTABLE_MAX) + return -EINVAL; finish: ret += plus; + if (ret > USEC_TIMESTAMP_FORMATTABLE_MAX) + return -EINVAL; + if (ret > minus) ret -= minus; else diff --git a/src/basic/time-util.h b/src/basic/time-util.h index f67a4474ed..7463507f51 100644 --- a/src/basic/time-util.h +++ b/src/basic/time-util.h @@ -181,3 +181,14 @@ static inline usec_t usec_sub(usec_t timestamp, int64_t delta) { return timestamp - delta; } + +#if SIZEOF_TIME_T == 8 +/* The last second we can format is 31. Dec 9999, 1s before midnight, because otherwise we'd enter 5 digit year + * territory. However, since we want to stay away from this in all timezones we take one day off. */ +#define USEC_TIMESTAMP_FORMATTABLE_MAX ((usec_t) 253402214399000000) +#elif SIZEOF_TIME_T == 4 +/* With a 32bit time_t we can't go beyond 2038... */ +#define USEC_TIMESTAMP_FORMATTABLE_MAX ((usec_t) 2147483647000000) +#else +#error "Yuck, time_t is neither 4 not 8 bytes wide?" +#endif |