Re: [patch 1/2] Validate itimer timeval from userspace

From: Thomas Gleixner
Date: Sat Mar 18 2006 - 15:35:58 EST


On Sat, 2006-03-18 at 12:31 -0800, Andrew Morton wrote:
> Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> >
> > On Sat, 2006-03-18 at 12:07 -0800, Andrew Morton wrote:
> >
> > > From my reading, 2.4's sys_setitimer() will normalise the incoming timeval
> > > rather than rejecting it. And I think 2.6.13 did that too.
> > >
> > > It would be bad of us to change this behaviour, even if that's what the
> > > spec says we should do - because we can break existing applications.
> > >
> > > So I think we're stuck with it - we should normalise and then accept such
> > > timevals. And we should have a big comment explaining how we differ from
> > > the spec, and why.
> >
> > Hmm. How do you treat a negative value ?
> >
>
> In the same way as earlier kernels did!
>
> Unless, of course, those kernels did something utterly insane. In that
> case we'd need to have a little think.

It was caught by:

timeval_to_jiffies(const struct timeval *value)
{
unsigned long sec = value->tv_sec;
long usec = value->tv_usec;

if (sec >= MAX_SEC_IN_JIFFIES)
sec = MAX_SEC_IN_JIFFIES;
....
}

The conversion of long to unsigned long converted a negative value to
the maximum timeout.

It's not utterly insane, but it does not make much sense either.

Of course I can convert it that way, if we want to keep this "help
sloppy programmers aid" alive.

tglx



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/