From: Andrei Tatar
Date: Wed, 22 Jan 2025 22:10:22 +0000 (+0100)
Subject: lib/posix-timerfd: Validate settime argument
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=0bb831610c7580acc640b407d1fddfcafa408476;p=unikraft%2Funikraft.git
lib/posix-timerfd: Validate settime argument
This change adds a validation check on the `new_value` argument to settime(), refusing to work with negative times and non-canonical timespec values.
Signed-off-by: Andrei Tatar
Approved-by: Sergiu Moga
Reviewed-by: Sergiu Moga
GitHub-Closes: #1566
---
diff --git a/lib/posix-timerfd/timerfd.c b/lib/posix-timerfd/timerfd.c
index 75f13f01c..eb1614165 100644
--- a/lib/posix-timerfd/timerfd.c
+++ b/lib/posix-timerfd/timerfd.c
@@ -309,6 +309,18 @@ int uk_sys_timerfd_create(clockid_t id, int flags)
 #endif /* CONFIG_LIBPOSIX_FDTAB */
+/**
+ * Return non-zero if `val` contains either negative or non-canonical times.
+ */
+static inline
+int timerfd_check_settime(const struct itimerspec *val)
+{
+ return !uk_time_spec_canonical(&val->it_value) ||
+ !uk_time_spec_canonical(&val->it_interval) ||
+ !uk_time_spec_positive(&val->it_value) ||
+ !uk_time_spec_positive(&val->it_interval);
+}
+
 int uk_sys_timerfd_settime(const struct uk_file *f, int flags,
 const struct itimerspec *new_value,
 struct itimerspec *old_value)
@@ -323,6 +335,8 @@ int uk_sys_timerfd_settime(const struct uk_file *f, int flags,
 return -EINVAL;
 if (unlikely(f->vol != TIMERFD_VOLID))
 return -EINVAL;
+ if (unlikely(timerfd_check_settime(new_value)))
+ return -EINVAL;
 d = f->node;
 uk_file_wlock(f);
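Review bot: The doc comment on `timerfd_check_settime` does not say how an all-zero timespec is treated, and that case matters here because timerfd_settime(2) uses a zero `it_value` to disarm the timer and a zero `it_interval` to request a one-shot timer. Whether `uk_time_spec_positive` accepts zero is not visible in this hunk; if it means strictly greater than zero, both of those valid requests would now be refused. I would extend the comment to something like `Return non-zero if val holds a negative or non-canonical time; all-zero values are valid (disarm / one-shot).` and confirm the helper agrees with it. The predicate also puts no upper bound on `tv_sec`, so if the value is later converted to nanoseconds (outside this hunk) that conversion presumably still needs its own overflow guard.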
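Review bot: The new call `timerfd_check_settime(new_value)` reads through `new_value`, and nothing in the visible lines shows that pointer being checked for NULL first. If the callers of `uk_sys_timerfd_settime` do not already guarantee a valid pointer (the function starts and ends outside this hunk, so an earlier guard may exist), a guard such as `if (unlikely(!new_value)) return -EFAULT;` ahead of this check would keep the validation path from faulting; timerfd_settime(2) reports a bad pointer as EFAULT. Otherwise a one-line comment stating the non-NULL precondition would do. Placing the check before `uk_file_wlock(f)` is right, since the early return then needs no unlock.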