 
                            The type time_t is specified as an "arithmetic type capable of representing times." However, how the way time is encoded within this arithmetic type by the function time() is unspecified. See unspecified behavior  46 48 in section Annex J .1 of the C Standard [ISO/IEC 9899:2011]. Because the encoding is unspecified, there is no safe way to manually perform arithmetic on the type, and as a result, the values should not be modified directly.
...
Using time_t incorrectly can lead to broken logic that can place a program in an infinite loop or cause an expected logic branch to not execute.
| Recommendation | Severity | Likelihood | 
|---|
| Detectable | Repairable | Priority | Level | 
|---|---|---|---|
| MSC05-C | Low | 
| Unlikely | 
| Yes | 
| No | P2 | L3 | 
Automated Detection
| Tool | Version | Checker | Description | 
|---|---|---|---|
| Compass/ROSE | 
| Can detect violations of this recommendation | |||||||||
| 
 | CC2.MSC05 | Fully implemented | |||||||
| LDRA tool suite | 
 | 96 S, 101 S, 107 S, 433 S, 458 S | Partially Implemented | 
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
ISO/IEC 9899:2011 Section 7.27, "Date and time <time.h>"
Bibliography
| [Kettlewell 2002] | Section 4.1, " time_t" | 
...