Avoid assuming that time_t can fit in an int.
author Tom Lane <tgl@sss.pgh.pa.us>
Wed, 22 Oct 2025 21:50:05 +0000 (17:50 -0400)
committer Tom Lane <tgl@sss.pgh.pa.us>
Wed, 22 Oct 2025 21:50:11 +0000 (17:50 -0400)
commit fe9c051fd3ff5c453b46cf2c958782227e4b3c69
tree 44664bc1b8b93830c95236ad3b139991e15c58ec
parent d10866f1fdf1fbf66605b47e8303848b6c7d950b
Avoid assuming that time_t can fit in an int.

We had several places that used cast-to-unsigned-int as a substitute
for properly checking for overflow.  Coverity has started objecting
to that practice as likely introducing Y2038 bugs.  An extra
comparison is surely not much compared to the cost of time(NULL), nor
is this coding practice particularly readable.  Let's do it honestly,
with explicit logic covering the cases of first-time-through and
clock-went-backwards.

I don't feel a need to back-patch though: our released versions
will be out of support long before 2038, and besides which I think
the code would accidentally work anyway for another 70 years or so.
src/backend/postmaster/pgarch.c
src/backend/postmaster/postmaster.c
src/backend/replication/logical/slotsync.c
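
The two styles the commit message contrasts, as an added C example that is not PostgreSQL's code. The function names, the int64_t stand-in for a 64-bit time_t, and the choice to treat first-time-through and clock-went-backwards as "interval elapsed" are assumptions; the timestamps are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers for illustration; not taken from the PostgreSQL tree.
 * int64_t stands in for a 64-bit time_t so results are platform-independent. */

/* Cast idiom: the wide difference is truncated to unsigned int.  last == 0
 * and now < last both become a large unsigned value, so they happen to read
 * as "elapsed", but only while the true difference fits in 32 bits. */
static bool
elapsed_cast(int64_t now, int64_t last, int interval)
{
    return (unsigned int) (now - last) >= (unsigned int) interval;
}

/* Explicit form: each special case is named and the comparison is done at
 * full width.  Treating both special cases as "elapsed" is an assumption. */
static bool
elapsed_explicit(int64_t now, int64_t last, int interval)
{
    if (last == 0)              /* first time through */
        return true;
    if (now < last)             /* clock went backwards */
        return true;
    return (now - last) >= (int64_t) interval;
}

int
main(void)
{
    /* Constructed timestamps: {now, last}. */
    const int64_t cases[][2] = {
        {INT64_C(1761169805), 0},                  /* first call, 2025 */
        {1000, 1100},                              /* clock stepped back */
        {1100, 1050},                              /* 50 s elapsed */
        {INT64_C(4294967301), 0},                  /* first call, past 2^32 s */
        {INT64_C(4294968301), 1000},               /* 2^32 + 5 s elapsed */
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("now=%lld last=%lld cast=%d explicit=%d\n",
               (long long) cases[i][0], (long long) cases[i][1],
               elapsed_cast(cases[i][0], cases[i][1], 60),
               elapsed_explicit(cases[i][0], cases[i][1], 60));
    return 0;
}
```

The two forms agree on the first three rows and diverge on the last two, where the true difference exceeds 32 bits and the truncated value falls below the interval.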