Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 2 Apr 2017 13:59:10 -0400
From:      Allan Jude <allanjude@freebsd.org>
To:        Konstantin Belousov <kostikbel@gmail.com>, Dmitry Chagin <dchagin@FreeBSD.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r316393 - head/sys/compat/linux
Message-ID:  <acc915f9-c8e9-e128-8b21-9a94f6b6aa9e@freebsd.org>
In-Reply-To: <20170402133651.GJ43712@kib.kiev.ua>
References:  <201704020746.v327kDSN042840@repo.freebsd.org> <20170402133651.GJ43712@kib.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 2017-04-02 09:36, Konstantin Belousov wrote:
> On Sun, Apr 02, 2017 at 07:46:13AM +0000, Dmitry Chagin wrote:
>> Author: dchagin
>> Date: Sun Apr  2 07:46:13 2017
>> New Revision: 316393
>> URL: https://svnweb.freebsd.org/changeset/base/316393
>>
>> Log:
>>   As noted by bde@ negative tv_sec values are not checked for overflow,
>>   so overflow can still occur. Fix that. Also remove the extra check for
>>   tv_sec size as under COMPAT_LINUX32 it is always true.
>>   
>>   Pointed out by:	bde@
>>   
>>   MFC after:	1 week
>>
>> Modified:
>>   head/sys/compat/linux/linux_time.c
>>
>> Modified: head/sys/compat/linux/linux_time.c
>> ==============================================================================
>> --- head/sys/compat/linux/linux_time.c	Sun Apr  2 07:11:15 2017	(r316392)
>> +++ head/sys/compat/linux/linux_time.c	Sun Apr  2 07:46:13 2017	(r316393)
>> @@ -125,8 +125,7 @@ native_to_linux_timespec(struct l_timesp
>>  
>>  	LIN_SDT_PROBE2(time, native_to_linux_timespec, entry, ltp, ntp);
>>  #ifdef COMPAT_LINUX32
>> -	if (ntp->tv_sec > INT_MAX &&
>> -	    sizeof(ltp->tv_sec) != sizeof(ntp->tv_sec))
>> +	if (ntp->tv_sec > INT_MAX || ntp->tv_sec < INT_MIN)
> This line reads as only tv_sec == INT_MAX case results in non-EOVERFLOW
> condition.
> 
>>  		return (EOVERFLOW);
>>  #endif
>>  	ltp->tv_sec = ntp->tv_sec;
> 

It is possible kib@ did what I did, which was read both sides of the or
as comparing against INT_MAX at first glance, rather than the 2nd one
being INT_MIN.

-- 
Allan Jude

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?acc915f9-c8e9-e128-8b21-9a94f6b6aa9e>