git.ipfire.org Git - thirdparty/shadow.git/commit

author	Alejandro Colomar <alx@kernel.org>
	Sat, 6 Jan 2024 22:15:06 +0000 (23:15 +0100)
committer	Alejandro Colomar <alx@kernel.org>
	Mon, 27 May 2024 14:32:09 +0000 (16:32 +0200)
commit	895dfd77d2104c5c647580d503dece74207eee1e
tree	5630001af3234a29b7dc286569b0c47de2c53895	tree \| snapshot
parent	9dddcd29f131ac4eeeb47e8c4c7a7ae45d4e6b72	commit \| diff

lib/gettime.c: gettime(): Call a2i() instead of strtoull_noneg()

time_t isn't necessarily unsigned (in fact, it's likely to be signed.
Therefore, parse the number as the right type, via a2i(time_t, ...).

Still, reject negative numbers, just to be cautious.  It was done
before (strtoull_noneg()), so it shouldn't be a problem.  (However,
strtoull_noneg() was only introduced recently, and before that we called
strtoull(3), which silently accepted negative values.)

Remove the limitation of ULONG_MAX, which seems arbitrary.  It probably
was written in times where 'time_t' had the same length of 'long', and
this was thus a test that the value didn't overflow 'time_t'.  Such a
test is implicit in the a2i() call, so forget about it.

Unify the error messages into a single one that provides all the info
(except the value of 'fallback').

Link: <https://github.com/shadow-maint/shadow/commit/cb610d54b47ea2fc3da5a1b7c5a71274ada91371#r136407772>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Chris Lamb <lamby@debian.org>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>