Re: [PATCH] time: Validate the usec before covert to nsec in do_adjtimex

From: Thomas Gleixner
Date: Mon Jul 08 2019 - 05:25:08 EST


On Mon, 8 Jul 2019, ZhangXiaoxu wrote:

> When covert the usec to nsec, it will multiple 1000, it maybe
> overflow and lead an undefined behavior.
>
> For example, users may input an negative tv_usec values when
> call adjtimex syscall, then multiple 1000 maybe overflow it
> to a positive and legal number.
>
> So, we should validate the usec before coverted it to nsec.

That's correct, but the actuall inject function wants to keep the sanity
check,

Thanks,

tglx