Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934849AbbDIJpU (ORCPT ); Thu, 9 Apr 2015 05:45:20 -0400 Received: from mail.kernel.org ([198.145.29.136]:42228 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932659AbbDIIyL (ORCPT ); Thu, 9 Apr 2015 04:54:11 -0400 From: lizf@kernel.org To: stable@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Sasha Levin , Thomas Gleixner , Ingo Molnar , John Stultz , Zefan Li Subject: [PATCH 3.4 089/176] time: adjtimex: Validate the ADJ_FREQUENCY values Date: Thu, 9 Apr 2015 16:45:37 +0800 Message-Id: <1428569224-23820-89-git-send-email-lizf@kernel.org> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1428569028-23762-1-git-send-email-lizf@kernel.org> References: <1428569028-23762-1-git-send-email-lizf@kernel.org> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1414 Lines: 50 From: Sasha Levin 3.4.107-rc1 review patch. If anyone has any objections, please let me know. ------------------ commit 5e5aeb4367b450a28f447f6d5ab57d8f2ab16a5f upstream. Verify that the frequency value from userspace is valid and makes sense. Unverified values can cause overflows later on. Cc: Thomas Gleixner Cc: Ingo Molnar Signed-off-by: Sasha Levin [jstultz: Fix up bug for negative values and drop redunent cap check] Signed-off-by: John Stultz [lizf: Backported to 3.4: adjust context] Signed-off-by: Zefan Li --- kernel/time/ntp.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c index 8b70710..7666b24 100644 --- a/kernel/time/ntp.c +++ b/kernel/time/ntp.c @@ -660,6 +660,13 @@ int do_adjtimex(struct timex *txc) return result; } + if (txc->modes & ADJ_FREQUENCY) { + if (LONG_MIN / PPM_SCALE > txc->freq) + return -EINVAL; + if (LONG_MAX / PPM_SCALE < txc->freq) + return -EINVAL; + } + getnstimeofday(&ts); spin_lock_irq(&ntp_lock); -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/