From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Taylor Blau <me@ttaylorr.com>,
git@vger.kernel.org, emilyshaffer@google.com
Subject: Re: [PATCH v2] builtin/bugreport.c: use thread-safe localtime_r()
Date: Tue, 01 Dec 2020 10:27:20 -0800 [thread overview]
Message-ID: <xmqqlfehqt4n.fsf@gitster.c.googlers.com> (raw)
In-Reply-To: <X8WqFynk23yWT6E3@coredump.intra.peff.net> (Jeff King's message of "Mon, 30 Nov 2020 21:27:35 -0500")
Jeff King <peff@peff.net> writes:
> We might also want to do this on top:
>
> -- >8 --
> Subject: [PATCH] banned.h: mark non-reentrant gmtime, etc as banned
I see the patch does more than what subject describes.
I am not opposed to banning ctime_r() and asctime_r(), but I do not
want to see our future readers wonder why they are banned by the
commit whose title clearly states that we refuse non-reentrant ones
in our codebase.
Thanks.
> The traditional gmtime(), localtime(), ctime(), and asctime() functions
> return pointers to shared storage. This means they're not thread-safe,
> and they also run the risk of somebody holding onto the result across
> multiple calls (where each call invalidates the previous result).
>
> All callers should be using gmtime_r() or localtime_r() instead.
>
> The ctime_r() and asctime_r() functions are OK in that respect, but have
> no check that the buffer we pass in is long enough (the manpage says it
> "should have room for at least 26 bytes"). Since this is such an
> easy-to-get-wrong interface, and since we have the much safer stftime()
> as well as its more conveinent strbuf_addftime() wrapper, let's likewise
> ban both of those.
>
> Signed-off-by: Jeff King <peff@peff.net>
> ---
> TBH, ctime() and its variants are so awful that I doubt anybody would
> try to use them, but it doesn't hurt to err on the side of caution.
>
> banned.h | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/banned.h b/banned.h
> index 60a18d4403..7ab4f2e492 100644
> --- a/banned.h
> +++ b/banned.h
> @@ -29,4 +29,17 @@
> #define vsprintf(buf,fmt,arg) BANNED(vsprintf)
> #endif
>
> +#undef gmtime
> +#define gmtime(t) BANNED(gmtime)
> +#undef localtime
> +#define localtime(t) BANNED(localtime)
> +#undef ctime
> +#define ctime(t) BANNED(ctime)
> +#undef ctime_r
> +#define ctime_r(t, buf) BANNED(ctime_r)
> +#undef asctime
> +#define asctime(t) BANNED(asctime)
> +#undef asctime_r
> +#define asctime_r(t, buf) BANNED(asctime_r)
> +
> #endif /* BANNED_H */
next prev parent reply other threads:[~2020-12-01 18:28 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-30 23:06 [PATCH] builtin/bugreport.c: use thread-safe localtime_r() Taylor Blau
2020-12-01 0:30 ` [PATCH v2] " Taylor Blau
2020-12-01 2:27 ` Jeff King
2020-12-01 3:15 ` Eric Sunshine
2020-12-01 18:27 ` Junio C Hamano [this message]
2020-12-01 18:34 ` Taylor Blau
2020-12-01 21:11 ` [PATCH v2 1/2] banned.h: mark non-reentrant gmtime, etc as banned Junio C Hamano
2020-12-01 21:11 ` [PATCH v2 2/2] banned.h: mark ctime_r() and asctime_r() " Junio C Hamano
2020-12-01 21:16 ` Eric Sunshine
2020-12-01 22:07 ` Junio C Hamano
2020-12-01 22:22 ` Taylor Blau
2020-12-06 14:56 ` [PATCH v2 1/2] banned.h: mark non-reentrant gmtime, etc " SZEDER Gábor
2020-12-02 1:57 ` [PATCH v2] builtin/bugreport.c: use thread-safe localtime_r() Jeff King
2020-12-01 0:31 ` [PATCH] " Eric Sunshine
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqlfehqt4n.fsf@gitster.c.googlers.com \
--to=gitster@pobox.com \
--cc=emilyshaffer@google.com \
--cc=git@vger.kernel.org \
--cc=me@ttaylorr.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).