Module Name: src
Committed By: riastradh
Date: Tue Jun 28 02:04:51 UTC 2022
Modified Files:
src/sys/kern: subr_time.c
Log Message:
kern: Avoid arithmetic overflow in gettimeleft.
Sprinkle assertions in to verify we're monotonically counting the
time left down to zero.
Reported-by: [email protected]
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/sys/kern/subr_time.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/subr_time.c
diff -u src/sys/kern/subr_time.c:1.34 src/sys/kern/subr_time.c:1.35
--- src/sys/kern/subr_time.c:1.34 Sun Jun 26 22:31:47 2022
+++ src/sys/kern/subr_time.c Tue Jun 28 02:04:51 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: subr_time.c,v 1.34 2022/06/26 22:31:47 riastradh Exp $ */
+/* $NetBSD: subr_time.c,v 1.35 2022/06/28 02:04:51 riastradh Exp $ */
/*
* Copyright (c) 1982, 1986, 1989, 1993
@@ -33,7 +33,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: subr_time.c,v 1.34 2022/06/26 22:31:47 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_time.c,v 1.35 2022/06/28 02:04:51 riastradh Exp $");
#include <sys/param.h>
#include <sys/kernel.h>
@@ -207,6 +207,7 @@ inittimeleft(struct timespec *ts, struct
if (itimespecfix(ts)) {
return -1;
}
+ KASSERT(ts->tv_sec >= 0);
getnanouptime(sleepts);
return 0;
}
@@ -214,15 +215,23 @@ inittimeleft(struct timespec *ts, struct
int
gettimeleft(struct timespec *ts, struct timespec *sleepts)
{
- struct timespec sleptts;
+ struct timespec now, sleptts;
+
+ KASSERT(ts->tv_sec >= 0);
/*
* Reduce ts by elapsed time based on monotonic time scale.
*/
- getnanouptime(&sleptts);
- timespecadd(ts, sleepts, ts);
+ getnanouptime(&now);
+ KASSERT(timespeccmp(sleepts, &now, <=));
+ timespecsub(&now, sleepts, &sleptts);
+ *sleepts = now;
+
+ if (timespeccmp(ts, &sleptts, <=)) { /* timed out */
+ timespecclear(ts);
+ return 0;
+ }
timespecsub(ts, &sleptts, ts);
- *sleepts = sleptts;
return tstohz(ts);
}
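Review bot: The ordering check `KASSERT(timespeccmp(sleepts, &now, <=))` in gettimeleft is the only thing keeping `sleptts` non-negative, and KASSERT is compiled out of kernels built without DIAGNOSTIC. In such a kernel, a `*sleepts` later than `now` would produce a negative `sleptts`, skip the timed-out branch, and make `timespecsub(ts, &sleptts, ts)` lengthen the remaining time instead of shortening it, which is the same class of arithmetic hazard this commit removes. If every caller passes the `sleepts` that inittimeleft filled in, this presumably cannot happen, and a comment stating that invariant above the assertion would be enough. Otherwise a runtime clamp before the subtraction, `if (timespeccmp(sleepts, &now, >)) *sleepts = now;`, keeps release kernels counting down monotonically. The `ts->tv_sec >= 0` assertion is less of a concern: with `sleptts` non-negative, a negative `ts` takes the `timespeccmp(ts, &sleptts, <=)` branch and returns 0.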