kern/149980: [patch] negative value integer to nanosleep(2) should fail with EINVAL

Garrett Cooper gcooper at FreeBSD.org
Sun Aug 29 20:20:03 UTC 2010


The following reply was made to PR kern/149980; it has been noted by GNATS.

From: Garrett Cooper <gcooper at FreeBSD.org>
To: vwe at freebsd.org
Cc: bug-followup <bug-followup at freebsd.org>
Subject: Re: kern/149980: [patch] negative value integer to nanosleep(2)
 should fail with EINVAL
Date: Sun, 29 Aug 2010 13:16:04 -0700

 On Sun, Aug 29, 2010 at 1:03 PM,  <vwe at freebsd.org> wrote:
 > Old Synopsis: [PATCH] negative value integer to nanosleep(2) should fail with EINVAL
 > New Synopsis: [patch] negative value integer to nanosleep(2) should fail with EINVAL
 >
 > State-Changed-From-To: open->analyzed
 > State-Changed-By: vwe
 > State-Changed-When: Sun Aug 29 20:00:22 UTC 2010
 > State-Changed-Why:
 > double checked that and it's looking reasonable
 > I think the checks for 'tv_nsec < 0' and 'tv_sec < 0' can be made in one go,
 > but IMO it should not make a difference (assembler wise):
 >
 > Index: sys/kern/kern_time.c
 > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 > --- sys/kern/kern_time.c =A0 =A0 =A0 =A0(revision 211522)
 > +++ sys/kern/kern_time.c =A0 =A0 =A0 =A0(working copy)
 > @@ -362,9 +362,9 @@
 > =A0 =A0 =A0 =A0struct timeval tv;
 > =A0 =A0 =A0 =A0int error;
 >
 > - =A0 =A0 =A0 if (rqt->tv_nsec < 0 || rqt->tv_nsec >=3D 1000000000)
 > + =A0 =A0 =A0 if (rqt->tv_nsec < 0 || rqt->tv_nsec >=3D 1000000000 || rqt=
 ->tv_sec < 0)
 > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return (EINVAL);
 > - =A0 =A0 =A0 if (rqt->tv_sec < 0 || (rqt->tv_sec =3D=3D 0 && rqt->tv_nse=
 c =3D=3D 0))
 > + =A0 =A0 =A0 if (rqt->tv_sec =3D=3D 0 && rqt->tv_nsec =3D=3D 0)
 > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return (0);
 > =A0 =A0 =A0 =A0getnanouptime(&ts);
 > =A0 =A0 =A0 =A0timespecadd(&ts, rqt);
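
 Review bot: the first `if` now turns a negative tv_sec from the old
 early `return (0)` into `return (EINVAL)`, and nothing in the hunk
 records that this change in the return value is intentional. Add a
 short comment above the check saying that a negative tv_sec is rejected
 as an invalid argument, so the test is not later folded back into the
 zero-sleep shortcut. Putting `rqt->tv_sec < 0` first in the condition
 would also keep the tests in field order. Separately, tv_sec is still
 only bounded from below before the `timespecadd(&ts, rqt)` context
 line, so it is worth confirming that a very large tv_sec is handled
 further down in the function.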
 
 Same thing that bde@ asked me to create, so it naturally looks good :).
 
 The reason why I hadn't posted anything earlier about this bug is that
 bde@ brought it to my attention that there are additional issues with
 the timer code, mostly dealing with the fact that itimerfix isn't used
 when checking the bounds of the tv argument. There are other
 associated issues with using this though (itimerfix checks tv_msec,
 and nanosleep doesn't check the tv_msec field because nanosleep uses
 nanosecond granularity, not millisecond granularity).
 
 Thanks!
 -Garrett

