On Thu, Jan 26, 2023 at 10:37 AM Todd C. Miller <todd.mil...@millert.dev> wrote:
> On Thu, 26 Jan 2023 10:29:36 -0800, enh wrote: > > > yeah, but that's the copy & paste-o, no? (apologies if it's just too > early > > for me to be looking at code yet...) > > > > doesn't this need to be int64_t? > > > > int result = 0; > > Yes, it does, thanks. > > > https://github.com/openbsd/src/blob/master/lib/libc/time/strptime.c#L613 > > > > (i think the overflow checks are insufficient in both copies of the > > function too, especially around the min and max values, but this seems > like > > the biggest problem with the code.) > > The checks for underflow/overflow appear to be insufficient. > My inclination is to just convert everything to use strtonum(3). > yeah, that's one thing i liked the freebsd variant --- "don't make me think" :-) a quick glance at strtonum() lgtm. > - todd >
