lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Dec 2014 23:04:06 -0500 From: Sasha Levin <sasha.levin@...cle.com> To: linux-kernel@...r.kernel.org Cc: Sasha Levin <sasha.levin@...cle.com>, John Stultz <john.stultz@...aro.org>, Thomas Gleixner <tglx@...utronix.de> Subject: [PATCH] time: make sure tz_minuteswest is set to a valid value when setting time Invalid values may overflow later, leading to undefined behaviour when multiplied by 60 to get the amount of seconds. Signed-off-by: Sasha Levin <sasha.levin@...cle.com> --- kernel/time/time.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kernel/time/time.c b/kernel/time/time.c index 7399a73..9ec4fa5 100644 --- a/kernel/time/time.c +++ b/kernel/time/time.c @@ -173,6 +173,10 @@ int do_sys_settimeofday(const struct timespec *tv, const struct timezone *tz) return error; if (tz) { + /* Verify we're witin the +-15 hrs range */ + if (tz->tz_minuteswest > 15*60 || tz->tz_minuteswest < -15*60) + return -EINVAL; + sys_tz = *tz; update_vsyscall_tz(); if (firsttime) { -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists