RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-31 12:52:44 +00:00
Code Issues Activity Actions

Kernel: Sanitize all user-supplied timeval's/timespec's

Browse source 
This also removes a bunch of unnecessary EINVAL. Most of them weren't even
recommended by POSIX.
This commit is contained in:
Ben Wiederhake 2021-02-21 20:28:20 +01:00 committed by Andreas Kling
parent 649abc01bc
commit 8598240193
4 changed files with 42 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

18
Kernel/Net/Socket.cpp
View file

@ -106,14 +106,24 @@ KResult Socket::setsockopt(int level, int option, Userspace<const void*> user_va
case SO_SNDTIMEO:
if (user_value_size != sizeof(timeval))
return EINVAL;
if (!copy_from_user(&m_send_timeout, static_ptr_cast<const timeval*>(user_value)))
return EFAULT;
{
auto timeout = copy_time_from_user(static_ptr_cast<const timeval*>(user_value));
if (!timeout.has_value())
return EFAULT;
// FIXME: Should use AK::Time internally
m_send_timeout = timeout->to_timeval();
}
return KSuccess;
case SO_RCVTIMEO:
if (user_value_size != sizeof(timeval))
return EINVAL;
if (!copy_from_user(&m_receive_timeout, static_ptr_cast<const timeval*>(user_value)))
return EFAULT;
{
auto timeout = copy_time_from_user(static_ptr_cast<const timeval*>(user_value));
if (!timeout.has_value())
return EFAULT;
// FIXME: Should use AK::Time internally
m_receive_timeout = timeout->to_timeval();
}
return KSuccess;
case SO_BINDTODEVICE: {
if (user_value_size != IFNAMSIZ)