| From: Matt Rogers <[email protected]>
| On 05/17, D. Hugh Redelmeier wrote:
| > Through this process, I'm coming to think that a ttoul-like function that
| > also does range-checking would be worthwhile. It is just too easy to be
| > lazy about range checks.
|
| It could just be a wrapper for ttoul, and that could replace the manual checks
| in plutomain, etc..
Yes.

Although I did notice:

	case 'x':	/* --crlcheckinterval <time>*/
		ugh = ttoul(optarg, 0, 10, &u);
		if (ugh != NULL)
			break;
		crl_check_interval = u;
		continue;

This is one that is not range checked.

What would be a good ceiling for crl fetch intervals? I don't know any, so I didn't put one in.

But we don't have a way of expressing the maximum value that can be stored in a time_t (and hence a deltatime_t). That is surely an upper bound that we should be checking because it is going to be less than ULONG_MAX.

I guess we should invent one. Perhaps this will do:

	#define TIME_T_MAX ((time_t) (1ul << (sizeof(time_t) * BITS_PER_BYTE - 1) - 1))

One imperfection is that some imaginary C implementation (Burroughs 5000 and successors? CDC 6600 and successors?) might have bits in an integral type that don't participate in the value -- that's legal in C (or was when I last paid attention).

_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
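A range-checking wrapper of the kind discussed in this thread, as an added example rather than libreswan code. It keeps ttoul's err_t convention (NULL on success), but the names ttoul_range, TIME_T_MAX_PORTABLE and parse_crl_check_interval are hypothetical. It assumes time_t is a signed integer type with no padding bits (the imperfection noted above), and it performs the shift in uintmax_t so the macro stays defined where unsigned long is narrower than time_t. The sample inputs in main are constructed.

```c
/* Added example, not libreswan code: a range-checking wrapper in the spirit
 * of ttoul.  ttoul_range, TIME_T_MAX_PORTABLE and parse_crl_check_interval
 * are hypothetical names. */
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

typedef const char *err_t;	/* NULL means success, as in libreswan */

/* Largest value a time_t can hold.  Assumes time_t is a signed integer type
 * with no padding bits.  The shift is done in uintmax_t so it is well
 * defined even where unsigned long is narrower than time_t (32-bit long
 * with 64-bit time_t). */
#define TIME_T_MAX_PORTABLE \
	((time_t)(((uintmax_t)1 << (sizeof(time_t) * CHAR_BIT - 1)) - 1))

/* Parse an unsigned decimal number and insist that lo <= value <= hi.
 * Unlike bare strtoul it rejects an empty string, leading whitespace,
 * a sign (strtoul would silently wrap "-1" to ULONG_MAX), trailing junk
 * and overflow, so every caller gets the range check for free. */
static err_t ttoul_range(const char *src, unsigned long lo, unsigned long hi,
			 unsigned long *out)
{
	if (src == NULL || *src == '\0')
		return "empty number";
	if (*src < '0' || *src > '9')
		return "number must start with a digit";

	char *end;
	errno = 0;
	unsigned long v = strtoul(src, &end, 10);
	if (errno == ERANGE)
		return "number too large for unsigned long";
	if (*end != '\0')
		return "trailing characters after number";
	if (v < lo)
		return "number below minimum";
	if (v > hi)
		return "number above maximum";
	*out = v;
	return NULL;
}

/* The --crlcheckinterval case from the thread, with the ceiling that must
 * hold whatever policy limit is chosen later: the value has to fit in a
 * time_t, which may be smaller than ULONG_MAX. */
static err_t parse_crl_check_interval(const char *arg, time_t *interval)
{
	unsigned long hi = ULONG_MAX;
	if ((uintmax_t)TIME_T_MAX_PORTABLE < (uintmax_t)ULONG_MAX)
		hi = (unsigned long)TIME_T_MAX_PORTABLE;

	unsigned long u;
	err_t ugh = ttoul_range(arg, 0, hi, &u);
	if (ugh != NULL)
		return ugh;
	*interval = (time_t)u;
	return NULL;
}

/* Yes/no helpers: the parsed value, or -1 when the input is rejected. */
static long long range_or_neg1(const char *src, unsigned long lo, unsigned long hi)
{
	unsigned long u;
	return ttoul_range(src, lo, hi, &u) == NULL ? (long long)u : -1;
}

static long long crl_interval_or_neg1(const char *arg)
{
	time_t t;
	return parse_crl_check_interval(arg, &t) == NULL ? (long long)t : -1;
}

int main(void)
{
	/* constructed sample inputs */
	const char *samples[] = { "3600", "0", "-1", "12x", "",
				  "99999999999999999999999999" };
	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		time_t t;
		err_t ugh = parse_crl_check_interval(samples[i], &t);
		if (ugh == NULL)
			printf("\"%s\" -> %lld\n", samples[i], (long long)t);
		else
			printf("\"%s\" -> rejected: %s\n", samples[i], ugh);
	}
	return 0;
}
```

Each rejected input carries its own reason, so the caller can report it the way plutomain reports ugh today; the ceiling on the interval is the type's limit, and a tighter policy limit can simply be passed as hi.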
