The type time_t is specified as an "arithmetic type capable of representing times." However, how time is encoded within this arithmetic type by the function time() is unspecified. See unspecified behavior 43 in section J.1 of guideline C99. Because the encoding is unspecified, there is no safe way to manually perform arithmetic on the type, and, as a result, the values should not be modified directly.
...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC05-C | low | unlikely | medium | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||
|---|---|---|---|---|---|---|---|
|
|
|
|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as : MSC05-CPP. Do not manipulate time_t typed values directly.
Bibliography
| Wiki Markup |
|---|
\[[Kettlewell 02|AA. Bibliography#Kettlewell 02]\] Section 4.1, "time_t" \[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 7.23, "Date and time <time.h>" |
...