-/* Copyright (C) 1991-1993,1995-2001,2003,2004,2006, 2007
- Free Software Foundation, Inc.
+/* Copyright (C) 1991-2019 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
- License along with the GNU C Library; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
- 02111-1307 USA. */
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
#include <assert.h>
#include <limits.h>
#include <time.h>
#include <unistd.h>
#include <sys/stat.h>
+#include <stdint.h>
+#include <alloc_buffer.h>
-#define NOID
#include <timezone/tzfile.h>
int __use_tzfile;
struct ttinfo
{
- long int offset; /* Seconds east of GMT. */
+ int offset; /* Seconds east of GMT. */
unsigned char isdst; /* Used to set tm_isdst. */
unsigned char idx; /* Index into `zone_names'. */
unsigned char isstd; /* Transition times are in standard time. */
struct leap
{
- time_t transition; /* Time the transition takes effect. */
+ __time64_t transition; /* Time the transition takes effect. */
long int change; /* Seconds of correction to apply. */
};
-static void compute_tzname_max (size_t) internal_function;
-
static size_t num_transitions;
-libc_freeres_ptr (static time_t *transitions);
+libc_freeres_ptr (static __time64_t *transitions);
static unsigned char *type_idxs;
static size_t num_types;
static struct ttinfo *types;
{
static const char default_tzdir[] = TZDIR;
size_t num_isstd, num_isgmt;
- register FILE *f;
+ FILE *f;
struct tzhead tzhead;
size_t chars;
- register size_t i;
- size_t total_size;
- size_t types_idx;
- size_t leaps_idx;
+ size_t i;
int was_using_tzfile = __use_tzfile;
int trans_width = 4;
- size_t tzspec_len;
+ char *new = NULL;
- if (sizeof (time_t) != 4 && sizeof (time_t) != 8)
- abort ();
+ _Static_assert (sizeof (__time64_t) == 8,
+ "__time64_t must be eight bytes");
__use_tzfile = 0;
if (*file != '/')
{
const char *tzdir;
- unsigned int len, tzdir_len;
- char *new, *tmp;
tzdir = getenv ("TZDIR");
if (tzdir == NULL || *tzdir == '\0')
- {
- tzdir = default_tzdir;
- tzdir_len = sizeof (default_tzdir) - 1;
- }
- else
- tzdir_len = strlen (tzdir);
- len = strlen (file) + 1;
- new = (char *) __alloca (tzdir_len + 1 + len);
- tmp = __mempcpy (new, tzdir, tzdir_len);
- *tmp++ = '/';
- memcpy (tmp, file, len);
+ tzdir = default_tzdir;
+ if (__asprintf (&new, "%s/%s", tzdir, file) == -1)
+ goto ret_free_transitions;
file = new;
}
&& stat64 (file, &st) == 0
&& tzfile_ino == st.st_ino && tzfile_dev == st.st_dev
&& tzfile_mtime == st.st_mtime)
- {
- /* Nothing to do. */
- __use_tzfile = 1;
- return;
- }
+ goto done; /* Nothing to do. */
/* Note the file is opened with cancellation in the I/O functions
- disabled. */
- f = fopen (file, "rc");
+ disabled and if available FD_CLOEXEC set. */
+ f = fopen (file, "rce");
if (f == NULL)
goto ret_free_transitions;
/* Get information about the file we are actually using. */
- if (fstat64 (fileno (f), &st) != 0)
- {
- fclose (f);
- goto ret_free_transitions;
- }
+ if (fstat64 (__fileno (f), &st) != 0)
+ goto lose;
free ((void *) transitions);
transitions = NULL;
__fsetlocking (f, FSETLOCKING_BYCALLER);
read_again:
- if (__builtin_expect (fread_unlocked ((void *) &tzhead, sizeof (tzhead),
- 1, f) != 1, 0)
+ if (__builtin_expect (__fread_unlocked ((void *) &tzhead, sizeof (tzhead),
+ 1, f) != 1, 0)
|| memcmp (tzhead.tzh_magic, TZ_MAGIC, sizeof (tzhead.tzh_magic)) != 0)
goto lose;
num_isstd = (size_t) decode (tzhead.tzh_ttisstdcnt);
num_isgmt = (size_t) decode (tzhead.tzh_ttisgmtcnt);
- /* For platforms with 64-bit time_t we use the new format if available. */
- if (sizeof (time_t) == 8 && trans_width == 4
- && tzhead.tzh_version[0] != '\0')
+ if (__glibc_unlikely (num_isstd > num_types || num_isgmt > num_types))
+ goto lose;
+
+ if (trans_width == 4 && tzhead.tzh_version[0] != '\0')
{
/* We use the 8-byte format. */
trans_width = 8;
goto read_again;
}
- total_size = num_transitions * (sizeof (time_t) + 1);
- total_size = ((total_size + __alignof__ (struct ttinfo) - 1)
- & ~(__alignof__ (struct ttinfo) - 1));
- types_idx = total_size;
- total_size += num_types * sizeof (struct ttinfo) + chars;
- total_size = ((total_size + __alignof__ (struct leap) - 1)
- & ~(__alignof__ (struct leap) - 1));
- leaps_idx = total_size;
- total_size += num_leaps * sizeof (struct leap);
- tzspec_len = (trans_width == 8
- ? st.st_size - (ftello (f)
- + num_transitions * (8 + 1)
- + num_types * 6
- + chars
- + num_leaps * 8
- + num_isstd
- + num_isgmt) - 1 : 0);
-
- /* Allocate enough memory including the extra block requested by the
- caller. */
- transitions = (time_t *) malloc (total_size + tzspec_len + extra);
- if (transitions == NULL)
- goto lose;
-
- type_idxs = (unsigned char *) transitions + (num_transitions
- * sizeof (time_t));
- types = (struct ttinfo *) ((char *) transitions + types_idx);
- zone_names = (char *) types + num_types * sizeof (struct ttinfo);
- leaps = (struct leap *) ((char *) transitions + leaps_idx);
+ /* Compute the size of the POSIX time zone specification in the
+ file. */
+ size_t tzspec_len;
if (trans_width == 8)
- tzspec = (char *) leaps + num_leaps * sizeof (struct leap);
- else
- tzspec = NULL;
- if (extra > 0)
- *extrap = (char *) &leaps[num_leaps];
-
- if (sizeof (time_t) == 4 || trans_width == 8)
{
- if (__builtin_expect (fread_unlocked (transitions, trans_width + 1,
- num_transitions, f)
- != num_transitions, 0))
+ off_t rem = st.st_size - __ftello (f);
+ if (__builtin_expect (rem < 0
+ || (size_t) rem < (num_transitions * (8 + 1)
+ + num_types * 6
+ + chars), 0))
+ goto lose;
+ tzspec_len = (size_t) rem - (num_transitions * (8 + 1)
+ + num_types * 6
+ + chars);
+ if (__builtin_expect (num_leaps > SIZE_MAX / 12
+ || tzspec_len < num_leaps * 12, 0))
+ goto lose;
+ tzspec_len -= num_leaps * 12;
+ if (__glibc_unlikely (tzspec_len < num_isstd))
+ goto lose;
+ tzspec_len -= num_isstd;
+ if (__glibc_unlikely (tzspec_len == 0 || tzspec_len - 1 < num_isgmt))
+ goto lose;
+ tzspec_len -= num_isgmt + 1;
+ if (tzspec_len == 0)
goto lose;
}
else
- {
- if (__builtin_expect (fread_unlocked (transitions, 4, num_transitions, f)
- != num_transitions, 0)
- || __builtin_expect (fread_unlocked (type_idxs, 1, num_transitions,
- f) != num_transitions, 0))
+ tzspec_len = 0;
+
+ /* The file is parsed into a single heap allocation, comprising of
+ the following arrays:
+
+ __time64_t transitions[num_transitions];
+ struct leap leaps[num_leaps];
+ struct ttinfo types[num_types];
+ unsigned char type_idxs[num_types];
+ char zone_names[chars];
+ char tzspec[tzspec_len];
+ char extra_array[extra]; // Stored into *pextras if requested.
+
+ The piece-wise allocations from buf below verify that no
+ overflow/wraparound occurred in these computations.
+
+ The order of the suballocations is important for alignment
+ purposes. __time64_t outside a struct may require more alignment
+ then inside a struct on some architectures, so it must come
+ first. */
+ _Static_assert (__alignof (__time64_t) >= __alignof (struct leap),
+ "alignment of __time64_t");
+ _Static_assert (__alignof (struct leap) >= __alignof (struct ttinfo),
+ "alignment of struct leap");
+ struct alloc_buffer buf;
+ {
+ size_t total_size = (num_transitions * sizeof (__time64_t)
+ + num_leaps * sizeof (struct leap)
+ + num_types * sizeof (struct ttinfo)
+ + num_transitions /* type_idxs */
+ + chars /* zone_names */
+ + tzspec_len + extra);
+ transitions = malloc (total_size);
+ if (transitions == NULL)
+ goto lose;
+ buf = alloc_buffer_create (transitions, total_size);
+ }
+
+ /* The address of the first allocation is already stored in the
+ pointer transitions. */
+ (void) alloc_buffer_alloc_array (&buf, __time64_t, num_transitions);
+ leaps = alloc_buffer_alloc_array (&buf, struct leap, num_leaps);
+ types = alloc_buffer_alloc_array (&buf, struct ttinfo, num_types);
+ type_idxs = alloc_buffer_alloc_array (&buf, unsigned char, num_transitions);
+ zone_names = alloc_buffer_alloc_array (&buf, char, chars);
+ if (trans_width == 8)
+ tzspec = alloc_buffer_alloc_array (&buf, char, tzspec_len);
+ else
+ tzspec = NULL;
+ if (extra > 0)
+ *extrap = alloc_buffer_alloc_array (&buf, char, extra);
+ if (alloc_buffer_has_failed (&buf))
+ goto lose;
+
+ if (__glibc_unlikely (__fread_unlocked (transitions, trans_width,
+ num_transitions, f)
+ != num_transitions)
+ || __glibc_unlikely (__fread_unlocked (type_idxs, 1, num_transitions, f)
+ != num_transitions))
goto lose;
- }
/* Check for bogus indices in the data file, so we can hereafter
safely use type_idxs[T] as indices into `types' and never crash. */
for (i = 0; i < num_transitions; ++i)
- if (__builtin_expect (type_idxs[i] >= num_types, 0))
+ if (__glibc_unlikely (type_idxs[i] >= num_types))
goto lose;
- if ((BYTE_ORDER != BIG_ENDIAN && (sizeof (time_t) == 4 || trans_width == 4))
- || (BYTE_ORDER == BIG_ENDIAN && sizeof (time_t) == 8
- && trans_width == 4))
+ if (trans_width == 4)
{
/* Decode the transition times, stored as 4-byte integers in
- network (big-endian) byte order. We work from the end of
- the array so as not to clobber the next element to be
- processed when sizeof (time_t) > 4. */
+ network (big-endian) byte order. We work from the end of the
+ array so as not to clobber the next element to be
+ processed. */
i = num_transitions;
while (i-- > 0)
transitions[i] = decode ((char *) transitions + i * 4);
}
- else if (BYTE_ORDER != BIG_ENDIAN && sizeof (time_t) == 8)
+ else if (BYTE_ORDER != BIG_ENDIAN)
{
/* Decode the transition times, stored as 8-byte integers in
network (big-endian) byte order. */
{
unsigned char x[4];
int c;
- if (__builtin_expect (fread_unlocked (x, 1, sizeof (x), f) != sizeof (x),
+ if (__builtin_expect (__fread_unlocked (x, 1,
+ sizeof (x), f) != sizeof (x),
0))
goto lose;
- c = getc_unlocked (f);
- if (__builtin_expect ((unsigned int) c > 1u, 0))
+ c = __getc_unlocked (f);
+ if (__glibc_unlikely ((unsigned int) c > 1u))
goto lose;
types[i].isdst = c;
- c = getc_unlocked (f);
- if (__builtin_expect ((size_t) c > chars, 0))
+ c = __getc_unlocked (f);
+ if (__glibc_unlikely ((size_t) c > chars))
/* Bogus index in data file. */
goto lose;
types[i].idx = c;
- types[i].offset = (long int) decode (x);
+ types[i].offset = decode (x);
}
- if (__builtin_expect (fread_unlocked (zone_names, 1, chars, f) != chars, 0))
+ if (__glibc_unlikely (__fread_unlocked (zone_names, 1, chars, f) != chars))
goto lose;
for (i = 0; i < num_leaps; ++i)
{
unsigned char x[8];
- if (__builtin_expect (fread_unlocked (x, 1, trans_width, f)
+ if (__builtin_expect (__fread_unlocked (x, 1, trans_width, f)
!= trans_width, 0))
goto lose;
- if (sizeof (time_t) == 4 || trans_width == 4)
- leaps[i].transition = (time_t) decode (x);
+ if (trans_width == 4)
+ leaps[i].transition = decode (x);
else
- leaps[i].transition = (time_t) decode64 (x);
+ leaps[i].transition = decode64 (x);
- if (__builtin_expect (fread_unlocked (x, 1, 4, f) != 4, 0))
+ if (__glibc_unlikely (__fread_unlocked (x, 1, 4, f) != 4))
goto lose;
leaps[i].change = (long int) decode (x);
}
for (i = 0; i < num_isstd; ++i)
{
- int c = getc_unlocked (f);
- if (__builtin_expect (c == EOF, 0))
+ int c = __getc_unlocked (f);
+ if (__glibc_unlikely (c == EOF))
goto lose;
types[i].isstd = c != 0;
}
for (i = 0; i < num_isgmt; ++i)
{
- int c = getc_unlocked (f);
- if (__builtin_expect (c == EOF, 0))
+ int c = __getc_unlocked (f);
+ if (__glibc_unlikely (c == EOF))
goto lose;
types[i].isgmt = c != 0;
}
/* Read the POSIX TZ-style information if possible. */
if (tzspec != NULL)
{
+ assert (tzspec_len > 0);
/* Skip over the newline first. */
- if (getc_unlocked (f) != '\n'
- || fread_unlocked (tzspec, 1, tzspec_len - 1, f) != tzspec_len - 1)
+ if (__getc_unlocked (f) != '\n'
+ || (__fread_unlocked (tzspec, 1, tzspec_len - 1, f)
+ != tzspec_len - 1))
tzspec = NULL;
else
tzspec[tzspec_len - 1] = '\0';
}
+ /* Don't use an empty TZ string. */
+ if (tzspec != NULL && tzspec[0] == '\0')
+ tzspec = NULL;
+
fclose (f);
/* First "register" all timezone names. */
for (i = 0; i < num_types; ++i)
- (void) __tzstring (&zone_names[types[i].idx]);
+ if (__tzstring (&zone_names[types[i].idx]) == NULL)
+ goto ret_free_transitions;
/* Find the standard and daylight time offsets used by the rule file.
We choose the offsets in the types of each flavor that are
if (__tzname[1] == NULL)
__tzname[1] = __tzname[0];
- compute_tzname_max (chars);
-
if (num_transitions == 0)
/* Use the first rule (which should also be the only one). */
rule_stdoff = rule_dstoff = types[0].offset;
__daylight = rule_stdoff != rule_dstoff;
__timezone = -rule_stdoff;
+ done:
__use_tzfile = 1;
+ free (new);
return;
lose:
fclose (f);
ret_free_transitions:
+ free (new);
free ((void *) transitions);
transitions = NULL;
}
void
__tzfile_default (const char *std, const char *dst,
- long int stdoff, long int dstoff)
+ int stdoff, int dstoff)
{
size_t stdlen = strlen (std) + 1;
size_t dstlen = strlen (dst) + 1;
/* Set the timezone. */
__timezone = -types[0].offset;
- compute_tzname_max (stdlen + dstlen);
+ /* Invalidate the tzfile attribute cache to force rereading
+ TZDEFRULES the next time it is used. */
+ tzfile_dev = 0;
+ tzfile_ino = 0;
+ tzfile_mtime = 0;
}
\f
void
-__tzfile_compute (time_t timer, int use_localtime,
+__tzfile_compute (__time64_t timer, int use_localtime,
long int *leap_correct, int *leap_hit,
struct tm *tp)
{
- register size_t i;
+ size_t i;
if (use_localtime)
{
__tzname[0] = NULL;
__tzname[1] = NULL;
- if (num_transitions == 0 || timer < transitions[0])
+ if (__glibc_unlikely (num_transitions == 0 || timer < transitions[0]))
{
/* TIMER is before any transition (or there are no transitions).
Choose the first non-DST type
++j;
}
}
- else if (timer >= transitions[num_transitions - 1])
+ else if (__glibc_unlikely (timer >= transitions[num_transitions - 1]))
{
- if (tzspec == NULL)
+ if (__glibc_unlikely (tzspec == NULL))
{
use_last:
- i = num_transitions - 1;
+ i = num_transitions;
goto found;
}
/* Convert to broken down structure. If this fails do not
use the string. */
- if (! __offtime (&timer, 0, tp))
+ if (__glibc_unlikely (! __offtime (timer, 0, tp)))
goto use_last;
/* Use the rules from the TZ string to compute the change. */
__tz_compute (timer, tp, 1);
- *leap_correct = 0L;
- *leap_hit = 0;
- return;
+ /* If tzspec comes from posixrules loaded by __tzfile_default,
+ override the STD and DST zone names with the ones user
+ requested in TZ envvar. */
+ if (__glibc_unlikely (zone_names == (char *) &leaps[num_leaps]))
+ {
+ assert (num_types == 2);
+ __tzname[0] = __tzstring (zone_names);
+ __tzname[1] = __tzstring (&zone_names[strlen (zone_names) + 1]);
+ }
+
+ goto leap;
}
else
{
then pick the type of the transition before it. */
size_t lo = 0;
size_t hi = num_transitions - 1;
- /* Assume that DST is changing twice a year and guess initial
- search spot from it.
- Half of a gregorian year has on average 365.2425 * 86400 / 2
- = 15778476 seconds. */
+ /* Assume that DST is changing twice a year and guess
+ initial search spot from it. Half of a gregorian year
+ has on average 365.2425 * 86400 / 2 = 15778476 seconds.
+ The value i can be truncated if size_t is smaller than
+ __time64_t, but this is harmless because it is just
+ a guess. */
i = (transitions[num_transitions - 1] - timer) / 15778476;
if (i < num_transitions)
{
i = hi;
found:
- /* assert (timer >= transitions[i - 1] && timer < transitions[i]); */
+ /* assert (timer >= transitions[i - 1]
+ && (i == num_transitions || timer < transitions[i])); */
__tzname[types[type_idxs[i - 1]].isdst]
= __tzstring (&zone_names[types[type_idxs[i - 1]].idx]);
size_t j = i;
++j;
}
+ if (__glibc_unlikely (__tzname[0] == NULL))
+ __tzname[0] = __tzname[1];
+
i = type_idxs[i - 1];
}
tp->tm_gmtoff = info->offset;
}
+ leap:
*leap_correct = 0L;
*leap_hit = 0;
/* Apply its correction. */
*leap_correct = leaps[i].change;
- if (timer == leaps[i].transition && /* Exactly at the transition time. */
- ((i == 0 && leaps[i].change > 0) ||
- leaps[i].change > leaps[i - 1].change))
+ if (timer == leaps[i].transition /* Exactly at the transition time. */
+ && ((i == 0 && leaps[i].change > 0)
+ || leaps[i].change > leaps[i - 1].change))
{
*leap_hit = 1;
while (i > 0
}
}
}
-\f
-static void
-internal_function
-compute_tzname_max (size_t chars)
-{
- const char *p;
-
- p = zone_names;
- do
- {
- const char *start = p;
- while (*p != '\0')
- ++p;
- if ((size_t) (p - start) > __tzname_cur_max)
- __tzname_cur_max = p - start;
- }
- while (++p < &zone_names[chars]);
-}
projects / thirdparty / glibc.git / blobdiff