Module Name: src Committed By: riastradh Date: Sun Dec 22 23:16:27 UTC 2024
Modified Files: src/sys/kern: kern_time.c Log Message: itimer_settime(9): Assert input is sane. Caller is responsible for validating/sanitizing. Prompted by: PR kern/58914: timerfd_settime(2) is missing itimespecfix To generate a diff of this commit: cvs rdiff -u -r1.223 -r1.224 src/sys/kern/kern_time.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_time.c
diff -u src/sys/kern/kern_time.c:1.223 src/sys/kern/kern_time.c:1.224
--- src/sys/kern/kern_time.c:1.223 Thu Dec 19 23:41:45 2024
+++ src/sys/kern/kern_time.c Sun Dec 22 23:16:26 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_time.c,v 1.223 2024/12/19 23:41:45 riastradh Exp $ */
+/* $NetBSD: kern_time.c,v 1.224 2024/12/22 23:16:26 riastradh Exp $ */
 /*-
  * Copyright (c) 2000, 2004, 2005, 2007, 2008, 2009, 2020
@@ -62,7 +62,7 @@
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.223 2024/12/19 23:41:45 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.224 2024/12/22 23:16:26 riastradh Exp $");
 #include <sys/param.h>
 #include <sys/resourcevar.h>
@@ -902,6 +902,9 @@ itimer_callout(void *arg)
  *
  * If the callout had already fired but not yet run, fails with
  * ERESTART -- caller must restart from the top to look up a timer.
+ *
+ * Caller is responsible for validating it->it_value and
+ * it->it_interval, e.g. with itimerfix or itimespecfix.
  */
 int
 itimer_settime(struct itimer *it)
@@ -911,6 +914,12 @@ itimer_settime(struct itimer *it)
 KASSERT(itimer_lock_held());
 KASSERT(!it->it_dying);
+ KASSERT(it->it_time.it_value.tv_sec >= 0);
+ KASSERT(it->it_time.it_value.tv_nsec >= 0);
+ KASSERT(it->it_time.it_value.tv_nsec < 1000000000);
+ KASSERT(it->it_time.it_interval.tv_sec >= 0);
+ KASSERT(it->it_time.it_interval.tv_nsec >= 0);
+ KASSERT(it->it_time.it_interval.tv_nsec < 1000000000);
 if (!CLOCK_VIRTUAL_P(it->it_clockid)) {
 /*
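Review bot: The comment added above itimer_settime names `it->it_value` and `it->it_interval`, while the assertions added in the following hunk read `it->it_time.it_value` and `it->it_time.it_interval`. Unless the short names are aliases defined outside this diff, the comment should spell the same member path, e.g. ` * Caller is responsible for validating it->it_time.it_value and` / ` * it->it_time.it_interval, e.g. with itimerfix or itimespecfix.` It would also help to state the accepted range in the comment (tv_sec non-negative, tv_nsec in [0, 1000000000)), since that is exactly what the new assertions enforce. The comment block starts before this hunk.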
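Review bot: The six KASSERTs added at the top of itimer_settime are only compiled into DIAGNOSTIC kernels, so on a kernel built without it an unvalidated it_value or it_interval still passes into the rest of the function unchecked. The log message cites PR kern/58914 (timerfd_settime(2) missing itimespecfix), and that caller-side validation is not part of this diff, so it has to land separately. The other callers of itimer_settime deserve the same audit. A one-line comment above the block would keep the contract visible where the checks are, e.g. `/* Debug-only sanity checks; callers must have run itimerfix/itimespecfix on user-supplied values. */`. The function body continues past the end of the hunk.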