diff options
| author | Zack Weinberg <zackw@panix.com> | 2019-08-19 13:51:25 -0400 |
|---|---|---|
| committer | Zack Weinberg <zackw@panix.com> | 2020-01-06 15:39:28 -0500 |
| commit | c246b06a68ca6ef1ffcde790980a47bcbbedece9 (patch) | |
| tree | 811f93e2b914d28692a38753d4b7dd25dda37ebe /time/sys/time.h | |
| parent | d5f4d0ac6a14cc3385dc4180698f939ca0ee00f5 (diff) | |
| download | glibc-zack/obsolete-time-functions.tar glibc-zack/obsolete-time-functions.tar.gz glibc-zack/obsolete-time-functions.tar.bz2 glibc-zack/obsolete-time-functions.zip | |
Warn when gettimeofday is called with non-null tzp argument.zack/obsolete-time-functions
Since there are no known uses of gettimeofday's vestigial "get time
zone" feature that are not bugs, add a fortify-style wrapper inline to
sys/time.h that issues a warning whenever gettimeofday is called with
a second argument that is not a compile-time null pointer
constant.
At present this is only possible with GCC; clang does not implement
attribute((warning)). The wrapper is only activated when __OPTIMIZE__
is defined because it throws false positives when optimization is off,
even though it's an always-inline function.
An oversight in the implementation of __builtin_constant_p causes it
to fail to detect compile-time *pointer* constants unless they are
cast to an integer of a different size. (Loss of data in this cast is
harmless; the overall expression is still constant if and only if the
original pointer was.) This is GCC bug 95514. Thanks to
Kamil Cukrowski <kamilcukrowski@gmail.com> for the workaround.
As a precaution, I added a static assertion to debug/warning-nop.c to
make sure that the cast _is_ casting to an integer of a different
size; this is too unlikely a scenario to be worth checking in the
public header, but if someone ever adds a port where short is the
same size as intptr_t, we'll still catch it.
Diffstat (limited to 'time/sys/time.h')
| -rw-r--r-- | time/sys/time.h | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/time/sys/time.h b/time/sys/time.h index 21fa9ed451..6b6f71d2e5 100644 --- a/time/sys/time.h +++ b/time/sys/time.h @@ -66,6 +66,30 @@ struct timezone extern int gettimeofday (struct timeval *__restrict __tv, void *__restrict __tz) __THROW __nonnull ((1)); +#if __GNUC_PREREQ (4,3) && defined __REDIRECT && defined __OPTIMIZE__ +/* Issue a warning for use of gettimeofday with a non-null __tz argument. */ +__warndecl (__warn_gettimeofday_nonnull_timezone, + "gettimeofday with non-null or non-constant timezone parameter;" + " this is obsolete and inaccurate, use localtime instead"); + +extern int __REDIRECT_NTH (__gettimeofday_alias, + (struct timeval *__restrict __tv, + void *__restrict __tz), gettimeofday) + __nonnull ((1)); + +/* The double cast below works around a limitation in __builtin_constant_p + in all released versions of GCC (as of August 2019). + See <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91554>. */ +__fortify_function int +__NTH (gettimeofday (struct timeval *__restrict __tv, void *__restrict __tz)) +{ + if (! (__builtin_constant_p ((short) (__intptr_t) __tz) && __tz == 0)) + __warn_gettimeofday_nonnull_timezone (); + + return __gettimeofday_alias (__tv, __tz); +} +#endif + #ifdef __USE_MISC /* Set the current time of day and timezone information. This call is restricted to the super-user. |