[PATCH] alarmtimers: verify the alarmtimer_type value from clock2alarm()

Hyogi Gim Tue, 08 Jul 2014 01:52:23 -0700

clock2alarm() can return a minus value. so, we cannot use this
returned value for a index of an array. but, some functions use
this value directly as a index of an array:
 - alarm_clock_getres()
 - alarm_clock_get()
 - alarm_timer_create()
 - alarm_timer_nsleep()


add the verification code for the returned alarmtimer_type from
clock2alarm().

Signed-off-by: Hyogi Gim <hyogi....@lge.com>
Cc: Thomas Gleixner <t...@linutronix.de>
---
 kernel/time/alarmtimer.c | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/kernel/time/alarmtimer.c b/kernel/time/alarmtimer.c
index 88c9c65..0b117c6 100644
--- a/kernel/time/alarmtimer.c
+++ b/kernel/time/alarmtimer.c
@@ -487,7 +487,14 @@ static enum alarmtimer_restart alarm_handle_timer(struct 
alarm *alarm,
  */
 static int alarm_clock_getres(const clockid_t which_clock, struct timespec *tp)
 {
-       clockid_t baseid = alarm_bases[clock2alarm(which_clock)].base_clockid;
+       enum alarmtimer_type type;
+       clockid_t baseid;
+
+       type = clock2alarm(which_clock);
+       if (type < 0)
+               return -EINVAL;
+
+       baseid = alarm_bases[type].base_clockid;
 
        if (!alarmtimer_get_rtcdev())
                return -EINVAL;
@@ -504,7 +511,14 @@ static int alarm_clock_getres(const clockid_t which_clock, 
struct timespec *tp)
  */
 static int alarm_clock_get(clockid_t which_clock, struct timespec *tp)
 {
-       struct alarm_base *base = &alarm_bases[clock2alarm(which_clock)];
+       enum alarmtimer_type type;
+       struct alarm_base *base;
+
+       type = clock2alarm(which_clock);
+       if (type < 0)
+               return -EINVAL;
+
+       base = &alarm_bases[type];
 
        if (!alarmtimer_get_rtcdev())
                return -EINVAL;
@@ -531,6 +545,9 @@ static int alarm_timer_create(struct k_itimer *new_timer)
                return -EPERM;
 
        type = clock2alarm(new_timer->it_clock);
+       if (type < 0)
+               return -EINVAL;
+
        base = &alarm_bases[type];
        alarm_init(&new_timer->it.alarm.alarmtimer, type, alarm_handle_timer);
        return 0;
@@ -721,7 +738,7 @@ out:
 static int alarm_timer_nsleep(const clockid_t which_clock, int flags,
                     struct timespec *tsreq, struct timespec __user *rmtp)
 {
-       enum  alarmtimer_type type = clock2alarm(which_clock);
+       enum alarmtimer_type type;
        struct alarm alarm;
        ktime_t exp;
        int ret = 0;
@@ -733,6 +750,10 @@ static int alarm_timer_nsleep(const clockid_t which_clock, 
int flags,
        if (!capable(CAP_WAKE_ALARM))
                return -EPERM;
 
+       type = clock2alarm(which_clock);
+       if (type < 0)
+               return -EINVAL;
+
        alarm_init(&alarm, type, alarmtimer_nsleep_wakeup);
 
        exp = timespec_to_ktime(*tsreq);
-- 
1.8.3.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH] alarmtimers: verify the alarmtimer_type value from clock2alarm()

Reply via email to