...
Note that POSIX ® specifies that the time() function must return a value of type time_t, representing time in seconds since the Epoch. Thus, POSIX-conforming applications that aren't intended to be portable to other environments may safely perform arithmetic operations on time_t objects.
...
| Code Block | ||
|---|---|---|
| ||
int do_work(int seconds_to_work) {
time_t start = time(NULL);
time_t current = start;
if (start == (time_t)(-1)) {
/* Handle error */
}
while (difftime(current, start) < seconds_to_work) {
current = time(NULL);
if (current == (time_t)(-1)) {
/* Handle error */
}
/* ... */
}
return 0;
}
|
Note that this loop may might still not exit , because the range of time_t may might not be able to represent two times seconds_to_work apart.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
CERT C++ Secure Coding Standard: MSC05-CPP. Do not manipulate time_t typed values directly
ISO/IEC 9899:1999 Section 7.23, "Date and time <time.h>"
Bibliography
| Wiki Markup |
|---|
\[[Kettlewell 2002|AA. Bibliography#Kettlewell 02]\] Section 4.1, "time_t"
\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 7.23, "Date and time <time.h>" |
...
49. Miscellaneous (MSC) MSC06-C. Be aware of compiler optimization when dealing with sensitive data