Commit 9741ef96 authored by Thomas Gleixner's avatar Thomas Gleixner Committed by Linus Torvalds

[PATCH] futex: check and validate timevals

The futex timeval is not checked for correctness.  The change does not
break existing applications as the timeval is supplied by glibc (and glibc
always passes a correct value), but the glibc-internal tests for this
functionality fail.
Signed-off-by: default avatarThomas Gleixner <tglx@tglx.de>
Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent d425b274
...@@ -1039,9 +1039,11 @@ asmlinkage long sys_futex(u32 __user *uaddr, int op, int val, ...@@ -1039,9 +1039,11 @@ asmlinkage long sys_futex(u32 __user *uaddr, int op, int val,
unsigned long timeout = MAX_SCHEDULE_TIMEOUT; unsigned long timeout = MAX_SCHEDULE_TIMEOUT;
int val2 = 0; int val2 = 0;
if ((op == FUTEX_WAIT) && utime) { if (utime && (op == FUTEX_WAIT)) {
if (copy_from_user(&t, utime, sizeof(t)) != 0) if (copy_from_user(&t, utime, sizeof(t)) != 0)
return -EFAULT; return -EFAULT;
if (!timespec_valid(&t))
return -EINVAL;
timeout = timespec_to_jiffies(&t) + 1; timeout = timespec_to_jiffies(&t) + 1;
} }
/* /*
......
...@@ -129,9 +129,11 @@ asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, u32 val, ...@@ -129,9 +129,11 @@ asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, u32 val,
unsigned long timeout = MAX_SCHEDULE_TIMEOUT; unsigned long timeout = MAX_SCHEDULE_TIMEOUT;
int val2 = 0; int val2 = 0;
if ((op == FUTEX_WAIT) && utime) { if (utime && (op == FUTEX_WAIT)) {
if (get_compat_timespec(&t, utime)) if (get_compat_timespec(&t, utime))
return -EFAULT; return -EFAULT;
if (!timespec_valid(&t))
return -EINVAL;
timeout = timespec_to_jiffies(&t) + 1; timeout = timespec_to_jiffies(&t) + 1;
} }
if (op >= FUTEX_REQUEUE) if (op >= FUTEX_REQUEUE)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment