diff options
author | Ingo Schwarze <schwarze@openbsd.org> | 2011-03-15 03:03:54 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2011-03-15 03:03:54 +0000 |
commit | 459a801e79bce62a2689d687f5e57917a5130e26 (patch) | |
tree | 44b98dd2c62c69ec362cd59a4a7a0ab35cce5e07 | |
parent | f45e957372aaf906237207a4f6863b716d1f0829 (diff) | |
download | mandoc-459a801e79bce62a2689d687f5e57917a5130e26.tar.gz |
my $buf = "string"; return $string; is cool in Perl, but not in C;
found by Ulrich Spoerlein <uqs at freebsd> using the clang static analyzer;
"ok, but please document the numbers" kristaps@
-rw-r--r-- | mandoc.c | 38 |
1 files changed, 22 insertions, 16 deletions
@@ -386,29 +386,35 @@ static char * time2a(time_t t) { struct tm tm; - char buf[DATESIZE]; - char *p; - size_t nsz, rsz; + char *buf, *p; + size_t ssz; int isz; localtime_r(&t, &tm); - p = buf; - rsz = DATESIZE; - - if (0 == (nsz = strftime(p, rsz, "%B ", &tm))) - return(NULL); - - p += (int)nsz; - rsz -= nsz; + /* + * Reserve space: + * up to 9 characters for the month (September) + blank + * up to 2 characters for the day + comma + blank + * 4 characters for the year and a terminating '\0' + */ + p = buf = mandoc_malloc(10 + 4 + 4 + 1); - if (-1 == (isz = snprintf(p, rsz, "%d, ", tm.tm_mday))) - return(NULL); + if (0 == (ssz = strftime(p, 10 + 1, "%B ", &tm))) + goto fail; + p += (int)ssz; + if (-1 == (isz = snprintf(p, 4 + 1, "%d, ", tm.tm_mday))) + goto fail; p += isz; - rsz -= isz; - return(strftime(p, rsz, "%Y", &tm) ? buf : NULL); + if (0 == strftime(p, 4 + 1, "%Y", &tm)) + goto fail; + return(buf); + +fail: + free(buf); + return(NULL); } @@ -430,7 +436,7 @@ mandoc_normdate(char *in, mandocmsg msg, void *data, int ln, int pos) t = 0; } out = t ? time2a(t) : NULL; - return(mandoc_strdup(out ? out : in)); + return(out ? out : mandoc_strdup(in)); } |