Apply upstream commit 943a6621866e9d6e654f5cfe1494378c1fb8957a.

Author: Paul Eggert <eggert@cs.ucla.edu>
Date:   Thu Aug 22 12:47:51 2013 -0700

    * localtime.c: Fix another integer overflow bug in mktime.

    (time2sub): Avoid undefined behavior on time_t overflow.
    Reported by Elliott Hughes in
    <http://mm.icann.org/pipermail/tz/2013-August/019580.html>.

Bug: 10310929

(cherry picked from commit 713fe6463e)

Change-Id: I9ec79fd8d825e6b9e8bb5af549dbfc2182346c05
This commit is contained in:
Elliott Hughes 2013-08-22 14:13:50 -07:00
parent f0c10a4a16
commit 345eb225ae
3 changed files with 14 additions and 6 deletions

View File

@ -718,8 +718,6 @@ LOCAL_CFLAGS := \
-DTZDIR=\"/system/usr/share/zoneinfo\" \ -DTZDIR=\"/system/usr/share/zoneinfo\" \
-DTM_GMTOFF=tm_gmtoff \ -DTM_GMTOFF=tm_gmtoff \
-DUSG_COMPAT=1 -DUSG_COMPAT=1
# tzcode currently relies on signed overflow in numerous places (http://b/10310929).
LOCAL_CFLAGS += -fno-strict-overflow
LOCAL_C_INCLUDES := $(libc_common_c_includes) LOCAL_C_INCLUDES := $(libc_common_c_includes)
LOCAL_MODULE := libc_tzcode LOCAL_MODULE := libc_tzcode
LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk

View File

@ -1812,14 +1812,14 @@ time2sub(struct tm * const tmp,
} else dir = tmcomp(&mytm, &yourtm); } else dir = tmcomp(&mytm, &yourtm);
if (dir != 0) { if (dir != 0) {
if (t == lo) { if (t == lo) {
++t; if (t == time_t_max)
if (t <= lo)
return WRONG; return WRONG;
++t;
++lo; ++lo;
} else if (t == hi) { } else if (t == hi) {
--t; if (t == time_t_min)
if (t >= hi)
return WRONG; return WRONG;
--t;
--hi; --hi;
} }
if (lo > hi) if (lo > hi)

View File

@ -304,6 +304,16 @@ const char * scheck(const char * string, const char * format);
#define TYPE_SIGNED(type) (((type) -1) < 0) #define TYPE_SIGNED(type) (((type) -1) < 0)
#endif /* !defined TYPE_SIGNED */ #endif /* !defined TYPE_SIGNED */
/* The minimum and maximum finite time values. */
static time_t const time_t_min =
(TYPE_SIGNED(time_t)
? (time_t) -1 << (CHAR_BIT * sizeof (time_t) - 1)
: 0);
static time_t const time_t_max =
(TYPE_SIGNED(time_t)
? - (~ 0 < 0) - ((time_t) -1 << (CHAR_BIT * sizeof (time_t) - 1))
: -1);
/* /*
** Since the definition of TYPE_INTEGRAL contains floating point numbers, ** Since the definition of TYPE_INTEGRAL contains floating point numbers,
** it cannot be used in preprocessor directives. ** it cannot be used in preprocessor directives.