lib/gettime.c: gettime(): Call a2i() instead of strtoull_noneg()

time_t isn't necessarily unsigned (in fact, it's likely to be signed.
Therefore, parse the number as the right type, via a2i(time_t, ...).

Still, reject negative numbers, just to be cautious.  It was done
before (strtoull_noneg()), so it shouldn't be a problem.  (However,
strtoull_noneg() was only introduced recently, and before that we called
strtoull(3), which silently accepted negative values.)

Remove the limitation of ULONG_MAX, which seems arbitrary.  It probably
was written in times where 'time_t' had the same length of 'long', and
this was thus a test that the value didn't overflow 'time_t'.  Such a
test is implicit in the a2i() call, so forget about it.

Unify the error messages into a single one that provides all the info
(except the value of 'fallback').

Link: <https://github.com/shadow-maint/shadow/commit/cb610d54b47ea2fc3da5a1b7c5a71274ada91371#r136407772>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Chris Lamb <lamby@debian.org>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

diff --git a/lib/gettime.c b/lib/gettime.c
index f4ad3d79ffb14088884044fff96c098716af23ce..c61c88c395d47b3c04d60db8eccbd173f4bf4803 100644 (file)
--- a/lib/gettime.c
+++ b/lib/gettime.c
@@ -1,8 +1,7 @@
-/*
- * SPDX-FileCopyrightText: 2017, Chris Lamb
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
+// SPDX-FileCopyrightText: 2017, Chris Lamb
+// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
+// SPDX-License-Identifier: BSD-3-Clause
+
 
 #include <config.h>
 
@@ -12,11 +11,12 @@
 #include <limits.h>
 #include <stdio.h>
 
-#include "atoi/strtou_noneg.h"
+#include "atoi/a2i.h"
 #include "defines.h"
 #include "prototypes.h"
 #include "shadowlog.h"
 
+
 /*
  * gettime() returns the time as the number of seconds since the Epoch
  *
@@ -24,13 +24,12 @@
  * Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH
  * environment variable is exported it will use that instead.
  */
-/*@observer@*/time_t gettime (void)
+/*@observer@*/time_t
+gettime(void)
 {
-       char  *end;
-       char *source_date_epoch;
-       time_t fallback;
-       unsigned long long epoch;
-       FILE *shadow_logfd = log_get_logfd();
+       char    *source_date_epoch;
+       FILE    *shadow_logfd = log_get_logfd();
+       time_t  fallback, epoch;
 
        fallback = time (NULL);
        source_date_epoch = shadow_getenv ("SOURCE_DATE_EPOCH");
@@ -38,32 +37,11 @@
        if (!source_date_epoch)
                return fallback;
 
-       errno = 0;
-       epoch = strtoull_noneg(source_date_epoch, &end, 10);
-       if (errno != 0) {
-               fprintf (shadow_logfd,
-                        _("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"),
-                        strerror(errno));
-       } else if (end == source_date_epoch) {
-               fprintf (shadow_logfd,
-                        _("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"),
-                        end);
-       } else if (*end != '\0') {
-               fprintf (shadow_logfd,
-                        _("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"),
-                        end);
-       } else if (epoch > ULONG_MAX) {
-               fprintf (shadow_logfd,
-                        _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
-                        ULONG_MAX, epoch);
-       } else if ((time_t)epoch > fallback) {
-               fprintf (shadow_logfd,
-                        _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
-                        fallback, epoch);
-       } else {
-               /* Valid */
-               return epoch;
+       if (a2i(time_t, &epoch, source_date_epoch, NULL, 10, 0, fallback) == -1) {
+               fprintf(shadow_logfd,
+                       _("Environment variable $SOURCE_DATE_EPOCH: a2i(\"%s\"): %s"),
+                       source_date_epoch, strerror(errno));
+               return fallback;
        }
-
-       return fallback;
+       return epoch;
 }