From: Simon McVittie
Date: Fri, 16 May 2025 10:51:36 +0000 (+0100)
Subject: timeout: Assert that the timeout interval is non-negative
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=626ae07151b9e1e88706f5293bfb690db21aac41;p=thirdparty%2Fdbus.git
timeout: Assert that the timeout interval is non-negative
We should never allocate a DBusTimeout with a negative timeout set: if we want to wait forever for an event to happen, that's represented by the absence of a DBusTimeout. This ensures that code in DBusConnection can safely assume that the timeout retrieved from a DBusTimeout will always be in its allowed range (-1 to INT_MAX inclusive). I've checked that all current callers get this right.
Signed-off-by: Simon McVittie
---
diff --git a/dbus/dbus-timeout.c b/dbus/dbus-timeout.c
index 412420e4a..3da8750aa 100644
--- a/dbus/dbus-timeout.c
+++ b/dbus/dbus-timeout.c
@@ -42,7 +42,7 @@ struct DBusTimeout
 {
 int refcount; /**< Reference count */
- int interval; /**< Timeout interval in milliseconds. */
+ int interval; /**< Timeout interval in milliseconds, always non-negative */
 DBusTimeoutHandler handler; /**< Timeout handler. */
 void *handler_data; /**< Timeout handler data. */
@@ -56,7 +56,7 @@ struct DBusTimeout
 /**
 * Creates a new DBusTimeout, enabled by default.
- * @param interval the timeout interval in milliseconds.
+ * @param interval the timeout interval in milliseconds, which must be non-negative
 * @param handler function to call when the timeout occurs.
 * @param data data to pass to the handler
 * @param free_data_function function to be called to free the data.
@@ -70,6 +70,8 @@ _dbus_timeout_new (int interval,
 {
 DBusTimeout *timeout;
+ _dbus_assert (interval >= 0);
+
 timeout = dbus_new0 (DBusTimeout, 1);
 if (timeout == NULL)
 return NULL;
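Review bot: The added `_dbus_assert (interval >= 0);` at the top of `_dbus_timeout_new` is the only enforcement of the new invariant, and `_dbus_assert` is compiled out when dbus is built with assertions disabled (`DBUS_DISABLE_ASSERT`). In such builds a negative interval would still be stored and later handed back by `dbus_timeout_get_interval`, whose doc comment now promises a non-negative value. Since the commit message says DBusConnection will rely on this range, I would state that next to the check, e.g. `/* Developer-error check only; compiled out under DBUS_DISABLE_ASSERT, so callers must still pass interval >= 0 */`. The hunk at `_dbus_timeout_restart` documents the same precondition, but only its doc comment and the start of its signature are visible, so it is worth confirming that its body carries the same assertion. The body of `_dbus_timeout_new` continues past the end of this hunk.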
@@ -134,7 +136,7 @@ _dbus_timeout_unref (DBusTimeout *timeout)
 * but it cannot be used in conjunction with an application main loop.
 *
 * @param timeout the timeout
- * @param interval the new interval
+ * @param interval the new interval, which must be non-negative
 */
 void
 _dbus_timeout_restart (DBusTimeout *timeout,
@@ -438,7 +440,7 @@ _dbus_timeout_restarted (DBusTimeout *timeout)
 * to notify you of the change.
 *
 * @param timeout the DBusTimeout object.
- * @returns the interval in milliseconds.
+ * @returns the interval in milliseconds, which is always non-negative
 */
 int
 dbus_timeout_get_interval (DBusTimeout *timeout)