diff options
| author | cheloha <cheloha@cvs.openbsd.org> | 2020-08-07 14:35:39 +0000 |
|---|---|---|
| committer | cheloha <cheloha@cvs.openbsd.org> | 2020-08-07 14:35:39 +0000 |
| commit | f2cb2908e9c3ae4f026113c83826fcd6f0f4ad90 (patch) | |
| tree | f5d26dd0d27894216be582649bc1ed119a39ae09 /sys/kern | |
| parent | 49680bcbab397ab3555526324ca55bceb8941c0c (diff) | |
sosplice(9): fully validate idle timeout
The socket splice idle timeout is a timeval, so we need to check that
tv_usec is both non-negative and less than one million. Otherwise it
isn't in canonical form.
We can check for this with timerisvalid(3).
benno@ says this shouldn't break anything in base.
ok benno@, bluhm@
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/uipc_socket.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 8f3ac59436c..dc1c6be333e 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket.c,v 1.247 2020/06/22 13:14:32 mpi Exp $ */ +/* $OpenBSD: uipc_socket.c,v 1.248 2020/08/07 14:35:38 cheloha Exp $ */ /* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */ /* @@ -51,6 +51,7 @@ #include <sys/pool.h> #include <sys/atomic.h> #include <sys/rwlock.h> +#include <sys/time.h> #ifdef DDB #include <machine/db_machdep.h> @@ -1199,7 +1200,7 @@ sosplice(struct socket *so, int fd, off_t max, struct timeval *tv) if (max && max < 0) return (EINVAL); - if (tv && (tv->tv_sec < 0 || tv->tv_usec < 0)) + if (tv && (tv->tv_sec < 0 || !timerisvalid(tv))) return (EINVAL); /* Find sosp, the drain socket where data will be spliced into. */ |