Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/kern kern: Clamp time_adjtime to avoid overflow.
details: https://anonhg.NetBSD.org/src/rev/c1a160e5fc82
branches: trunk
changeset: 363437:c1a160e5fc82
user: riastradh <riastradh%NetBSD.org@localhost>
date: Sat Mar 12 16:46:57 2022 +0000
description:
kern: Clamp time_adjtime to avoid overflow.
Reported-by: syzbot+7edce1a31dfd2a5eaa18%syzkaller.appspotmail.com@localhost
diffstat:
sys/kern/kern_time.c | 17 +++++++++++++----
1 files changed, 13 insertions(+), 4 deletions(-)
diffs (40 lines):
diff -r d4cfff5b0ee4 -r c1a160e5fc82 sys/kern/kern_time.c
--- a/sys/kern/kern_time.c Sat Mar 12 16:19:08 2022 +0000
+++ b/sys/kern/kern_time.c Sat Mar 12 16:46:57 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_time.c,v 1.211 2021/04/03 12:57:21 simonb Exp $ */
+/* $NetBSD: kern_time.c,v 1.212 2022/03/12 16:46:57 riastradh Exp $ */
/*-
* Copyright (c) 2000, 2004, 2005, 2007, 2008, 2009, 2020
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.211 2021/04/03 12:57:21 simonb Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.212 2022/03/12 16:46:57 riastradh Exp $");
#include <sys/param.h>
#include <sys/resourcevar.h>
@@ -610,10 +610,19 @@
}
mutex_spin_exit(&timecounter_lock);
}
-
+
if (delta) {
mutex_spin_enter(&timecounter_lock);
- time_adjtime = delta->tv_sec * 1000000 + delta->tv_usec;
+ /*
+ * XXX This should maybe just report failure to
+ * userland for nonsense deltas.
+ */
+ if (delta->tv_sec > INT64_MAX/1000000 - 1) {
+ time_adjtime = INT64_MAX;
+ } else {
+ time_adjtime = MAX(0, delta->tv_sec) * 1000000
+ + MAX(0, MIN(999999, delta->tv_usec));
+ }
if (time_adjtime) {
/* We need to save the system time during shutdown */
Home |
Main Index |
Thread Index |
Old Index