GNOME Bugzilla – Bug 335731
g_date_(add|subtract)_(days|months|years) missing overflow checks
Last modified: 2018-04-13 14:31:20 UTC
All these functions lack checks for overflows.
*** Bug 540012 has been marked as a duplicate of this bug. ***
Created attachment 370867 [details] [review] gdate: Add overflow precondition checks for g_date_[add|subtract]_*() These turn undefined or hard-to-detect misbehaviour into a well-defined critical warning and early return. Signed-off-by: Philip Withnall <withnall@endlessm.com>
Review of attachment 370867 [details] [review]: Looks good to me; one minor nitpick, but it's not a blocker. ::: glib/gdate.c @@ +1722,3 @@ g_date_update_dmy (d); + g_return_if_fail (d->dmy); I have a personal dislike for using the implicit truthy value of integers; it would be nice to take the chance, and just replace this with an explicit `d->dmy != 0`. @@ +1813,3 @@ g_date_update_dmy (d); + g_return_if_fail (d->dmy); Same as above.
Pushed to master, plus a follow-up commit with the dmy changes. Thanks. Attachment 370867 [details] pushed as 38080ba - gdate: Add overflow precondition checks for g_date_[add|subtract]_*()