lib/posix-timerfd: Validate settime argument

This change adds a validation check on the `new_value` argument to
settime(), refusing to work with negative times and non-canonical
timespec values.

Signed-off-by: Andrei Tatar <andrei@unikraft.io>
Approved-by: Sergiu Moga <sergiu@unikraft.io>
Reviewed-by: Sergiu Moga <sergiu@unikraft.io>
GitHub-Closes: #1566

diff --git a/lib/posix-timerfd/timerfd.c b/lib/posix-timerfd/timerfd.c
index 75f13f01c0ec35c54796eaa20a83b57ab027ec9d..eb1614165fc8a2d0bcdd49c27e986531154e31b0 100644 (file)
--- a/lib/posix-timerfd/timerfd.c
+++ b/lib/posix-timerfd/timerfd.c
@@ -309,6 +309,18 @@ int uk_sys_timerfd_create(clockid_t id, int flags)
 
 #endif /* CONFIG_LIBPOSIX_FDTAB */
 
+/**
+ * Return non-zero if `val` contains either negative or non-canonical times.
+ */
+static inline
+int timerfd_check_settime(const struct itimerspec *val)
+{
+       return !uk_time_spec_canonical(&val->it_value) ||
+              !uk_time_spec_canonical(&val->it_interval) ||
+              !uk_time_spec_positive(&val->it_value) ||
+              !uk_time_spec_positive(&val->it_interval);
+}
+
 int uk_sys_timerfd_settime(const struct uk_file *f, int flags,
                           const struct itimerspec *new_value,
                           struct itimerspec *old_value)
@@ -323,6 +335,8 @@ int uk_sys_timerfd_settime(const struct uk_file *f, int flags,
                return -EINVAL;
        if (unlikely(f->vol != TIMERFD_VOLID))
                return -EINVAL;
+       if (unlikely(timerfd_check_settime(new_value)))
+               return -EINVAL;
 
        d = f->node;
        uk_file_wlock(f);