svn commit: r347063 - head/sys/kern
John Baldwin
jhb at FreeBSD.org
Mon May 6 18:07:21 UTC 2019
On 5/3/19 2:26 PM, Mark Johnston wrote:
> Author: markj
> Date: Fri May 3 21:26:44 2019
> New Revision: 347063
> URL: https://svnweb.freebsd.org/changeset/base/347063
>
> Log:
> Disallow excessively small times of day in clock_settime(2).
>
> Reported by: syzkaller
> Reviewed by: cem, kib
> MFC after: 1 week
> Sponsored by: The FreeBSD Foundation
> Differential Revision: https://reviews.freebsd.org/D20151
>
> Modified:
> head/sys/kern/kern_time.c
>
> Modified: head/sys/kern/kern_time.c
> ==============================================================================
> --- head/sys/kern/kern_time.c Fri May 3 21:13:09 2019 (r347062)
> +++ head/sys/kern/kern_time.c Fri May 3 21:26:44 2019 (r347063)
> @@ -412,7 +412,9 @@ kern_clock_settime(struct thread *td, clockid_t clock_
> if (ats->tv_nsec < 0 || ats->tv_nsec >= 1000000000 ||
> ats->tv_sec < 0)
> return (EINVAL);
> - if (!allow_insane_settime && ats->tv_sec > 8000ULL * 365 * 24 * 60 * 60)
> + if (!allow_insane_settime &&
> + (ats->tv_sec > 8000ULL * 365 * 24 * 60 * 60 ||
> + ats->tv_sec < utc_offset()))
> return (EINVAL);
> /* XXX Don't convert nsec->usec and back */
> TIMESPEC_TO_TIMEVAL(&atv, ats);
Pardon my ignorance, but I can't see why you are checking against utc_offset()
vs some small constant? None of the discussion in the review mentioned the
reason for using this particular value, and I didn't see any comparisons
against utc_offset or kernadjtz in kern_clock_setttime() or settime() that
would have underflowed or panicked. Can you give a bit more detail on why
utc_offset() is the lower bound? Thanks.
--
John Baldwin
More information about the svn-src-all
mailing list