Re: avoid integer overflow in mktime.m4

[Paul Eggert]

Here's the patch I installed to gnulib, to sync it from the
mktime patch in Autoconf.

2006-12-22  Paul Eggert  <address@hidden>

        * m4/mktime.m4 (AC_FUNC_MKTIME): Sync from Autoconf.
        Include <limits.h>, and use its INT_MAX to rewrite the
        j loop so that it does not overflow 'int'.  Problem reported by
        Ralf Wildenhues in
        <http://lists.gnu.org/archive/html/bug-gnulib/2006-12/msg00084.html>.
        Play it safe by shifting left by 1 rather than multiplying by 2,
        as GCC is less likely to optimize this away when the value
        is signed (when it assumes overflow leads to undefined behavior).
        Also, don't assume time_t uses two's complement.

--- m4/mktime.m4        8 Sep 2006 22:48:25 -0000       1.25
+++ m4/mktime.m4        22 Dec 2006 08:53:29 -0000
@@ -1,4 +1,4 @@
-#serial 8
+#serial 9
 dnl Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc.
 dnl This file is free software; the Free Software Foundation
 dnl gives unlimited permission to copy and/or distribute it,
@@ -6,10 +6,10 @@ dnl with or without modifications, as lo

 dnl From Jim Meyering.

-# Redefine AC_FUNC_MKTIME, to fix a bug in Autoconf 2.60a and earlier.
+# Redefine AC_FUNC_MKTIME, to fix a bug in Autoconf 2.61a and earlier.
 # This redefinition can be removed once a new version of Autoconf is assumed.
 # The redefinition is taken from
-# 
<http://cvs.sv.gnu.org/viewcvs/*checkout*/autoconf/lib/autoconf/functions.m4?rev=1.108&root=autoconf>.
+# 
<http://cvs.sv.gnu.org/viewcvs/*checkout*/autoconf/autoconf/lib/autoconf/functions.m4?rev=1.119>.
 # AC_FUNC_MKTIME
 # --------------
 AC_DEFUN([AC_FUNC_MKTIME],
@@ -30,6 +30,7 @@ AC_CACHE_CHECK([for working mktime], ac_
 # endif
 #endif

+#include <limits.h>
 #include <stdlib.h>

 #ifdef HAVE_UNISTD_H
@@ -178,12 +179,15 @@ main ()
      isn't worth using anyway.  */
   alarm (60);

-  for (time_t_max = 1; 0 < time_t_max; time_t_max *= 2)
-    continue;
-  time_t_max--;
-  if ((time_t) -1 < 0)
-    for (time_t_min = -1; (time_t) (time_t_min * 2) < 0; time_t_min *= 2)
-      continue;
+  for (;;)
+    {
+      t = (time_t_max << 1) + 1;
+      if (t <= time_t_max)
+       break;
+      time_t_max = t;
+    }
+  time_t_min = - ((time_t) ~ (time_t) 0 == (time_t) -1) - time_t_max;
+
   delta = time_t_max / 997; /* a suitable prime number */
   for (i = 0; i < N_STRINGS; i++)
     {
@@ -198,10 +202,12 @@ main ()
             && mktime_test ((time_t) (60 * 60 * 24))))
        return 1;

-      for (j = 1; 0 < j; j *= 2)
+      for (j = 1; ; j <<= 1)
        if (! bigtime_test (j))
          return 1;
-      if (! bigtime_test (j - 1))
+       else if (INT_MAX / 2 < j)
+         break;
+      if (! bigtime_test (INT_MAX))
        return 1;
     }
   return ! (irix_6_4_bug () && spring_forward_gap () && year_2050_test ());