[PATCH] Fix 32-bit overflow in Divesoft Freedom time handling
Dirk Hohndel
dirk at hohndel.org
Sat Oct 3 04:03:24 PDT 2015
On Sat, Oct 03, 2015 at 09:38:10AM +0200, Anton Lundin wrote:
> On 02 October, 2015 - Linus Torvalds wrote:
>
> > Commit 31fb2e4c62ab ("Avoid possible sign extension") handled the
> > problem when a "unsigned char" is shifted 24 bits left, and becomes a
> > "signed int". By casting the result to uint32_t, that signed case won't
> > happen.
> >
>
> The root bug was mine. Another one of C's wonderful things that I didn't
> know about.
>
> > Of course, it's not at all clear that the 32-bit number is actually
> > unsigned to begin with. Maybe it's meant to be signed, the way
> > traditional 32-bit unix time_t is. Maybe the Divesoft Freedom was
> > designed to also be able to import dives from before Jan 1, 2000. Who
> > knows? Not me. I've never seen one of those things.
> >
>
> Most of the work to import the Divesoft files was done by
> reverse-engineering, but after a while we got an answer from the Divesoft
> folks with a C header containing structs, enums and typedefs on how the
> format actually looks.
>
> The things we never managed to figure out were corrected then. One real
> gotcha was the 10-bit signed temp field in 0.1 C. I'd never managed to
> guess that it was 10-bit.
>
>
> Anyhow, the dive start timestamp is a 32-bit signed in seconds since
> 2000-01-01 00:00:00, according to the header file and the comments in
> it.
Which then means that the old code was actually correct and the fix and
the fix of the fix were actually wrong?
/D
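The three readings of the timestamp field discussed in this thread, side by side. This is an added illustration, not Subsurface or Divesoft code: le32_naive() has the shape of the old code (the top byte shifted 24 bits while it is a plain int, then widened), le32_unsigned() is the shape of the 31fb2e4c62ab fix, and le32_signed() reads the field as the signed 32-bit "seconds since 2000-01-01" the vendor header describes. The sample byte strings are constructed, and the function names and the DIVESOFT_EPOCH_2000 constant are this example's own. The point it makes concrete is that, when the field really is signed, the sign extension the fix removed was producing the intended value, and only the unsigned reading moves a pre-2000 dive into the next century.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* 2000-01-01 00:00:00 UTC as Unix time (30 years after 1970, 7 of them leap). */
#define DIVESOFT_EPOCH_2000 946684800LL

/* Constructed little-endian sample fields, not taken from a real Freedom log. */
static const unsigned char SAMPLE_NEG_ONE[4] = { 0xFF, 0xFF, 0xFF, 0xFF }; /* -1 s */
static const unsigned char SAMPLE_INT_MIN[4] = { 0x00, 0x00, 0x00, 0x80 }; /* 0x80000000 */
static const unsigned char SAMPLE_POS[4]     = { 0x78, 0x56, 0x34, 0x12 }; /* 0x12345678 */

/* Shape of the old code: the top byte is shifted 24 bits while it lives in
 * a plain int, so a set high bit makes the int negative, and that sign is
 * extended when the value is widened to 64 bits.  The original wrote
 * `p[3] << 24` on the promoted int, which is formally undefined once bit 31
 * is set; the cast below gives the same negative int on common compilers
 * while staying implementation-defined rather than undefined. */
static int64_t le32_naive(const unsigned char *p)
{
    int top = (int)((uint32_t)p[3] << 24);
    int v = p[0] | (p[1] << 8) | (p[2] << 16) | top;
    return v; /* int -> int64_t widening sign-extends */
}

/* Shape of the 31fb2e4c62ab fix: every partial result stays uint32_t, so
 * no sign extension can happen.  Correct only if the field is unsigned. */
static uint32_t le32_unsigned(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* What the vendor header says the field is: a signed 32-bit count of
 * seconds since 2000-01-01.  Built from the raw bit pattern without an
 * out-of-range uint32_t -> int32_t cast, which is implementation-defined. */
static int32_t le32_signed(const unsigned char *p)
{
    uint32_t u = le32_unsigned(p);
    if (u < 0x80000000u)
        return (int32_t)u;
    return (int32_t)(u - 0x80000000u) - INT32_MAX - 1;
}

/* Dive start as Unix time with the signed offset: a pre-2000 dive lands
 * before the 2000 epoch instead of roughly 68 years after it. */
static int64_t freedom_start_to_unix(const unsigned char *p)
{
    return DIVESOFT_EPOCH_2000 + (int64_t)le32_signed(p);
}

/* The same field read as unsigned, for contrast. */
static int64_t freedom_start_to_unix_unsigned(const unsigned char *p)
{
    return DIVESOFT_EPOCH_2000 + (int64_t)le32_unsigned(p);
}

/* Calendar year of a Unix timestamp (assumes a 64-bit time_t). */
static int utc_year(int64_t unix_time)
{
    time_t t = (time_t)unix_time;
    struct tm *tm = gmtime(&t);
    return tm ? tm->tm_year + 1900 : -1;
}

static void show(const char *label, const unsigned char *p)
{
    printf("%-8s naive=%" PRId64 " unsigned=%" PRIu32 " signed=%" PRId32
           " unix(signed)=%" PRId64 " year=%d unix(unsigned) year=%d\n",
           label, le32_naive(p), le32_unsigned(p), le32_signed(p),
           freedom_start_to_unix(p), utc_year(freedom_start_to_unix(p)),
           utc_year(freedom_start_to_unix_unsigned(p)));
}

int main(void)
{
    show("-1", SAMPLE_NEG_ONE);
    show("INT_MIN", SAMPLE_INT_MIN);
    show("pos", SAMPLE_POS);
    return 0;
}
```

For the 0xFFFFFFFF sample the naive and signed readings both give -1, i.e. 1999-12-31 23:59:59 UTC, while the unsigned reading puts the same dive in 2136. For values with bit 31 clear all three agree, which is why the difference only shows up on logs with timestamps before the 2000 epoch.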