# HG changeset patch # User Paul Eggert # Date 1142150292 0 # Node ID 76553bca8ed8fb69f7b3488557af0cb999727698 # Parent f4aef34b83a3dd1041ad97810be5474430f639bc * time_r.h (asctime_r, ctime_r): Remove. These functions can overrun buffers and shouldn't be used (much as gets shouldn't be used). * time_r.c (asctime_r, ctime_r): Likewise. diff --git a/lib/ChangeLog b/lib/ChangeLog --- a/lib/ChangeLog +++ b/lib/ChangeLog @@ -1,3 +1,10 @@ +2006-03-11 Paul Eggert + + * time_r.h (asctime_r, ctime_r): Remove. These functions can + overrun buffers and shouldn't be used (much as gets shouldn't be + used). + * time_r.c (asctime_r, ctime_r): Likewise. + 2006-03-08 Simon Josefsson * gc-gnulib.c (randomize): Don't open files called 'no', they diff --git a/lib/time_r.c b/lib/time_r.c --- a/lib/time_r.c +++ b/lib/time_r.c @@ -1,6 +1,6 @@ /* Reentrant time functions like localtime_r. - Copyright (C) 2003 Free Software Foundation, Inc. + Copyright (C) 2003, 2006 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -44,18 +44,6 @@ } -char * -asctime_r (struct tm const * restrict tm, char * restrict buf) -{ - return copy_string_result (buf, asctime (tm)); -} - -char * -ctime_r (time_t const *t, char *buf) -{ - return copy_string_result (buf, ctime (t)); -} - struct tm * gmtime_r (time_t const * restrict t, struct tm * restrict tp) { diff --git a/lib/time_r.h b/lib/time_r.h --- a/lib/time_r.h +++ b/lib/time_r.h @@ -1,6 +1,6 @@ /* Reentrant time functions like localtime_r. - Copyright (C) 2003, 2005 Free Software Foundation, Inc. + Copyright (C) 2003, 2005, 2006 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -27,25 +27,20 @@ #include #if !HAVE_TIME_R_POSIX -# undef asctime_r -# undef ctime_r + +/* Don't bother with asctime_r and ctime_r, since these functions are + not safe (like asctime and ctime, they can overrun their 26-byte + output buffers when given outlandish struct tm values), and we + don't want to encourage applications to use unsafe functions. Use + strftime or even sprintf instead. */ + # undef gmtime_r # undef localtime_r -# define asctime_r rpl_asctime_r -# define ctime_r rpl_ctime_r # define gmtime_r rpl_gmtime_r # define localtime_r rpl_localtime_r /* See the POSIX:2001 specification - . */ -char *asctime_r (struct tm const * restrict, char * restrict); - -/* See the POSIX:2001 specification - . */ -char *ctime_r (time_t const *, char *); - -/* See the POSIX:2001 specification . */ struct tm *gmtime_r (time_t const * restrict, struct tm * restrict);