+2011-03-12 Paul Eggert <eggert@cs.ucla.edu>
+
+ Improve quality of tests for time stamp overflow. For example,
+ without this patch (encode-time 0 0 0 1 1 1152921504606846976)
+ returns the obviously-bogus value (-948597 62170) on my RHEL 5.5
+ x86-64 host. With it, it reports time overflow.
+ * deps.mk (editfns.o): Depend on ../lib/intprops.h.
+ * editfns.c: Include limits.h and intprops.h.
+ (TIME_T_MIN, TIME_T_MAX): New macros.
+ (time_overflow): Move earlier, to before first use.
+ (hi_time, lo_time): New functions, for an accurate test for
+ out-of-range times.
+ (Fcurrent_time, Fget_internal_run_time, make_time): Use them.
+ (Fget_internal_run_time): Don't assume time_t fits in int.
+ (make_time): Use list2 instead of Fcons twice.
+ (Fdecode_time): More accurate test for out-of-range times.
+ (check_tm_member): New function.
+ (Fencode_time): Use it, to test for out-of-range times.
+
2011-03-11 Paul Eggert <eggert@cs.ucla.edu>
* editfns.c (time_overflow): New function, refactoring common code.
#endif
#include <ctype.h>
+#include <limits.h>
+#include <intprops.h>
#include <strftime.h>
#include "intervals.h"
return make_number (getpid ());
}
+\f
+
+#ifndef TIME_T_MIN
+# define TIME_T_MIN TYPE_MINIMUM (time_t)
+#endif
+#ifndef TIME_T_MAX
+# define TIME_T_MAX TYPE_MAXIMUM (time_t)
+#endif
+
+/* Report that a time value is out of range for Emacs. */
+static void
+time_overflow (void)
+{
+ error ("Specified time is not representable");
+}
+
+/* Return the upper part of the time T (everything but the bottom 16 bits),
+ making sure that it is representable. */
+static EMACS_INT
+hi_time (time_t t)
+{
+ time_t hi = t >> 16;
+ if (((TYPE_SIGNED (time_t)
+ && TIME_T_MIN >> 16 < MOST_NEGATIVE_FIXNUM
+ && hi < MOST_NEGATIVE_FIXNUM)
+ || (MOST_POSITIVE_FIXNUM < TIME_T_MAX >> 16
+ && MOST_POSITIVE_FIXNUM < hi)))
+ time_overflow ();
+ return hi;
+}
+
+/* Return the bottom 16 bits of the time T. */
+static EMACS_INT
+lo_time (time_t t)
+{
+ return t & ((1 << 16) - 1);
+}
+
DEFUN ("current-time", Fcurrent_time, Scurrent_time, 0, 0, 0,
doc: /* Return the current time, as the number of seconds since 1970-01-01 00:00:00.
The time is returned as a list of three integers. The first has the
EMACS_TIME t;
EMACS_GET_TIME (t);
- return list3 (make_number ((EMACS_SECS (t) >> 16) & 0xffff),
- make_number ((EMACS_SECS (t) >> 0) & 0xffff),
+ return list3 (make_number (hi_time (EMACS_SECS (t))),
+ make_number (lo_time (EMACS_SECS (t))),
make_number (EMACS_USECS (t)));
}
{
#ifdef HAVE_GETRUSAGE
struct rusage usage;
- int secs, usecs;
+ time_t secs;
+ int usecs;
if (getrusage (RUSAGE_SELF, &usage) < 0)
/* This shouldn't happen. What action is appropriate? */
secs++;
}
- return list3 (make_number ((secs >> 16) & 0xffff),
- make_number ((secs >> 0) & 0xffff),
+ return list3 (make_number (hi_time (secs)),
+ make_number (lo_time (secs)),
make_number (usecs));
#else /* ! HAVE_GETRUSAGE */
#ifdef WINDOWSNT
}
\f
-/* Report a time value that is out of range for Emacs. */
-static void
-time_overflow (void)
-{
- error ("Specified time is not representable");
-}
-
/* Make a Lisp list that represents the time T. */
Lisp_Object
make_time (time_t t)
{
- return Fcons (make_number (t >> 16),
- Fcons (make_number (t & 0177777), Qnil));
+ return list2 (make_number (hi_time (t)),
+ make_number (lo_time (t)));
}
/* Decode a Lisp list SPECIFIED_TIME that represents a time.
BLOCK_INPUT;
decoded_time = localtime (&time_spec);
UNBLOCK_INPUT;
- if (! decoded_time)
+ if (! (decoded_time
+ && MOST_NEGATIVE_FIXNUM - TM_YEAR_BASE <= decoded_time->tm_year
+ && decoded_time->tm_year <= MOST_POSITIVE_FIXNUM - TM_YEAR_BASE))
time_overflow ();
XSETFASTINT (list_args[0], decoded_time->tm_sec);
XSETFASTINT (list_args[1], decoded_time->tm_min);
return Flist (9, list_args);
}
+/* Return OBJ - OFFSET, checking that OBJ is a valid fixnum and that
+ the result is representable as an int. Assume OFFSET is small and
+ nonnegative. */
+static int
+check_tm_member (Lisp_Object obj, int offset)
+{
+ EMACS_INT n;
+ CHECK_NUMBER (obj);
+ n = XINT (obj);
+ if (! (INT_MIN + offset <= n && n - offset <= INT_MAX))
+ time_overflow ();
+ return n - offset;
+}
+
DEFUN ("encode-time", Fencode_time, Sencode_time, 6, MANY, 0,
doc: /* Convert SECOND, MINUTE, HOUR, DAY, MONTH, YEAR and ZONE to internal time.
This is the reverse operation of `decode-time', which see.
struct tm tm;
Lisp_Object zone = (nargs > 6 ? args[nargs - 1] : Qnil);
- CHECK_NUMBER (args[0]); /* second */
- CHECK_NUMBER (args[1]); /* minute */
- CHECK_NUMBER (args[2]); /* hour */
- CHECK_NUMBER (args[3]); /* day */
- CHECK_NUMBER (args[4]); /* month */
- CHECK_NUMBER (args[5]); /* year */
-
- tm.tm_sec = XINT (args[0]);
- tm.tm_min = XINT (args[1]);
- tm.tm_hour = XINT (args[2]);
- tm.tm_mday = XINT (args[3]);
- tm.tm_mon = XINT (args[4]) - 1;
- tm.tm_year = XINT (args[5]) - TM_YEAR_BASE;
+ tm.tm_sec = check_tm_member (args[0], 0);
+ tm.tm_min = check_tm_member (args[1], 0);
+ tm.tm_hour = check_tm_member (args[2], 0);
+ tm.tm_mday = check_tm_member (args[3], 0);
+ tm.tm_mon = check_tm_member (args[4], 1);
+ tm.tm_year = check_tm_member (args[5], TM_YEAR_BASE);
tm.tm_isdst = -1;
if (CONSP (zone))
projects / emacs.git / commitdiff