diff options
author | Zack Weinberg <zackw@panix.com> | 2019-08-19 13:51:25 -0400 |
---|---|---|
committer | Zack Weinberg <zackw@panix.com> | 2020-01-06 15:39:28 -0500 |
commit | c246b06a68ca6ef1ffcde790980a47bcbbedece9 (patch) | |
tree | 811f93e2b914d28692a38753d4b7dd25dda37ebe /sysdeps/generic | |
parent | d5f4d0ac6a14cc3385dc4180698f939ca0ee00f5 (diff) | |
download | glibc-zack/obsolete-time-functions.tar.gz glibc-zack/obsolete-time-functions.tar.xz glibc-zack/obsolete-time-functions.zip |
Warn when gettimeofday is called with non-null tzp argument. zack/obsolete-time-functions
Since there are no known uses of gettimeofday's vestigial "get time zone" feature that are not bugs, add a fortify-style wrapper inline to sys/time.h that issues a warning whenever gettimeofday is called with a second argument that is not a compile-time null pointer constant. At present this is only possible with GCC; clang does not implement attribute((warning)). The wrapper is only activated when __OPTIMIZE__ is defined because it throws false positives when optimization is off, even though it's an always-inline function. An oversight in the implementation of __builtin_constant_p causes it to fail to detect compile-time *pointer* constants unless they are cast to an integer of a different size. (Loss of data in this cast is harmless; the overall expression is still constant if and only if the original pointer was.) This is GCC bug 95514. Thanks to Kamil Cukrowski <kamilcukrowski@gmail.com> for the workaround. As a precaution, I added a static assertion to debug/warning-nop.c to make sure that the cast _is_ casting to an integer of a different size; this is too unlikely a scenario to be worth checking in the public header, but if someone ever adds a port where short is the same size as intptr_t, we'll still catch it.
Diffstat (limited to 'sysdeps/generic')
0 files changed, 0 insertions, 0 deletions