Re: [PATCH] time: compat settimeofday: Validate the values of tv from user

From: Thomas Gleixner
Date: Fri Jul 05 2019 - 08:15:02 EST


Zhengbin,

On Fri, 5 Jul 2019, zhengbin wrote:

> Similar to commit 6ada1fc0e1c4
> ("time: settimeofday: Validate the values of tv from user"),
> an unvalidated user input is multiplied by a constant, which can result
> in an undefined behaviour for large values. While this is validated
> later, we should avoid triggering undefined behaviour.

I surely agree with the patch, but the argument that this is validated
later and we just should avoid UB in general is just wrong.

For a wide range of negative tv_usec values the multiplication overflow
turns them into positive numbers. So the 'validated later' is not catching
the invalid input.

So 'should avoid ....' is just the wrong argument here.

Validation _is_ required before the multiplication so UB won't turn an
invalid value into a valid one.

Thanks,

tglx
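
The point made in this reply, as an added C example that is not part of the mail or of the kernel patch: a negative tv_usec whose product wraps into the valid nanosecond range passes a check made after the multiplication and is rejected by a check made before it. The function names, the 64-bit width chosen for tv_usec and the constructed input value are assumptions of this sketch.

```c
#include <errno.h>
#include <stdint.h>

#define USEC_PER_SEC  1000000LL
#define NSEC_PER_USEC 1000LL
#define NSEC_PER_SEC  1000000000LL

/* Constructed input: negative, yet usec * 1000 wraps to 616 in 64 bits. */
#define WRAPPING_USEC (-18446744073709551LL)

/*
 * Model of the overflowing multiply. Signed overflow is UB in C, so the
 * two's-complement wraparound commonly seen in practice is reproduced
 * with well-defined unsigned arithmetic (the conversion back to int64_t
 * is modular on GCC and Clang).
 */
static int64_t wrapping_usec_to_nsec(int64_t usec)
{
	return (int64_t)((uint64_t)usec * (uint64_t)NSEC_PER_USEC);
}

/* Range check applied to the converted value only (the late check). */
static int nsec_in_range(int64_t nsec)
{
	return nsec >= 0 && nsec < NSEC_PER_SEC;
}

/* "Before" pattern: multiply first, validate the product afterwards. */
int convert_then_validate(int64_t usec, int64_t *nsec_out)
{
	int64_t nsec = wrapping_usec_to_nsec(usec);

	if (!nsec_in_range(nsec))
		return -EINVAL;
	*nsec_out = nsec;
	return 0;
}

/* Hardened pattern: reject out-of-range usec before any arithmetic. */
int validate_then_convert(int64_t usec, int64_t *nsec_out)
{
	if (usec < 0 || usec >= USEC_PER_SEC)
		return -EINVAL;
	*nsec_out = usec * NSEC_PER_USEC;	/* cannot overflow: < 10^9 */
	return 0;
}
```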