From: Lennart Poettering Date: Fri, 22 Mar 2013 20:35:53 +0000 (+0100) Subject: timedated: extra overflow safety check when doing relative time changes X-Git-Tag: v199~73 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=86e7b6e3f61e2a0d2395d7f2cc28e8f9199710e7;p=elogind.git timedated: extra overflow safety check when doing relative time changes Ensure clients don't overflow usec_t when doing relative time changes. This is mostly just paranoia and protection against accidents, after all clients are already authenticated, and they can se the time to any value they wish anyway, but better be safe than sorry. https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1152187/comments/14 --- diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c index 85506f4fc..16fffd084 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c @@ -816,15 +816,24 @@ static DBusHandlerResult timedate_message_handler( struct timespec ts; struct tm* tm; + if (relative) { + usec_t n, x; + + n = now(CLOCK_REALTIME); + x = n + utc; + + if ((utc > 0 && x < n) || + (utc < 0 && x > n)) + return bus_send_error_reply(connection, message, NULL, -EOVERFLOW); + + timespec_store(&ts, x); + } else + timespec_store(&ts, (usec_t) utc); + r = verify_polkit(connection, message, "org.freedesktop.timedate1.set-time", interactive, NULL, &error); if (r < 0) return bus_send_error_reply(connection, message, &error, r); - if (relative) - timespec_store(&ts, now(CLOCK_REALTIME) + utc); - else - timespec_store(&ts, utc); - /* Set system clock */ if (clock_settime(CLOCK_REALTIME, &ts) < 0) { log_error("Failed to set local time: %m");