lib/gettime.c: gettime(): Call a2i() instead of strtoull_noneg()

time_t isn't necessarily unsigned (in fact, it's likely to be signed. Therefore, parse the number as the right type, via a2i(time_t, ...). Still, reject negative numbers, just to be cautious. It was done before (strtoull_noneg()), so it shouldn't be a problem. (However, strtoull_noneg() was only introduced recently, and before that we called strtoull(3), which silently accepted negative values.) Remove the limitation of ULONG_MAX, which seems arbitrary. It probably was written in times where 'time_t' had the same length of 'long', and this was thus a test that the value didn't overflow 'time_t'. Such a test is implicit in the a2i() call, so forget about it. Unify the error messages into a single one that provides all the info (except the value of 'fallback'). Link: <cb610d54b4 (r136407772)> Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com> Cc: Chris Lamb <lamby@debian.org> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2026-01-26 14:03:17 +00:00 · 2024-01-06 23:15:06 +01:00 · 2024-01-06 23:15:06 +01:00 · 895dfd77d2
commit 895dfd77d2
parent 9dddcd29f1
1 changed files with 17 additions and 39 deletions
--- a/lib/gettime.c
+++ b/lib/gettime.c
@ -1,8 +1,7 @@
-/*
- * SPDX-FileCopyrightText: 2017, Chris Lamb
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
+// SPDX-FileCopyrightText: 2017, Chris Lamb
+// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
+// SPDX-License-Identifier: BSD-3-Clause
+

 #include <config.h>

@ -12,11 +11,12 @@
 #include <limits.h>
 #include <stdio.h>

-#include "atoi/strtou_noneg.h"
+#include "atoi/a2i.h"
 #include "defines.h"
 #include "prototypes.h"
 #include "shadowlog.h"

+
 /*
 * gettime() returns the time as the number of seconds since the Epoch
 *
@ -24,13 +24,12 @@
 * Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH
 * environment variable is exported it will use that instead.
 */
-/*@observer@*/time_t gettime (void)
+/*@observer@*/time_t
+gettime(void)
 {
-	char  *end;
-	char *source_date_epoch;
-	time_t fallback;
-	unsigned long long epoch;
-	FILE *shadow_logfd = log_get_logfd();
+	char    *source_date_epoch;
+	FILE    *shadow_logfd = log_get_logfd();
+	time_t  fallback, epoch;

 	fallback = time (NULL);
 	source_date_epoch = shadow_getenv ("SOURCE_DATE_EPOCH");
@ -38,32 +37,11 @@
 	if (!source_date_epoch)
 		return fallback;

-	errno = 0;
-	epoch = strtoull_noneg(source_date_epoch, &end, 10);
-	if (errno != 0) {
-		fprintf (shadow_logfd,
-			 _("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"),
-			 strerror(errno));
-	} else if (end == source_date_epoch) {
-		fprintf (shadow_logfd,
-			 _("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"),
-			 end);
-	} else if (*end != '\0') {
-		fprintf (shadow_logfd,
-			 _("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"),
-			 end);
-	} else if (epoch > ULONG_MAX) {
-		fprintf (shadow_logfd,
-			 _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
-			 ULONG_MAX, epoch);
-	} else if ((time_t)epoch > fallback) {
-		fprintf (shadow_logfd,
-			 _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
-			 fallback, epoch);
-	} else {
-		/* Valid */
-		return epoch;
+	if (a2i(time_t, &epoch, source_date_epoch, NULL, 10, 0, fallback) == -1) {
+		fprintf(shadow_logfd,
+		        _("Environment variable $SOURCE_DATE_EPOCH: a2i(\"%s\"): %s"),
+		        source_date_epoch, strerror(errno));
+		return fallback;
 	}
-
-	return fallback;
+	return epoch;
 }