systemd/improve-overflow-checks.patch

From 3dd8ee8fa693597663b0338235becbb0b7a9520c Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 25 Oct 2012 16:16:17 +0200
Subject: [PATCH] util: fix possible integer overflows

---
 src/shared/util.c |    6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/shared/util.c b/src/shared/util.c
index 2d4a4c1..e2f8b1f 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -148,6 +148,9 @@ usec_t timespec_load(const struct timespec *ts) {
             ts->tv_nsec == (long) -1)
                 return (usec_t) -1;
 
+        if (USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))
+                return (usec_t) -1;
+
         return
                 (usec_t) ts->tv_sec * USEC_PER_SEC +
                 (usec_t) ts->tv_nsec / NSEC_PER_USEC;
@@ -175,6 +178,9 @@ usec_t timeval_load(const struct timeval *tv) {
             tv->tv_usec == (suseconds_t) -1)
                 return (usec_t) -1;
 
+        if (USEC_PER_SEC > (UINT64_MAX - tv->tv_usec) / (usec_t) tv->tv_sec)
+                return (usec_t) -1;
+
         return
                 (usec_t) tv->tv_sec * USEC_PER_SEC +
                 (usec_t) tv->tv_usec;
-- 
1.7.10.4

From 49371bb50e0fe6e9e90309a20006bcfd9e2fa8f4 Mon Sep 17 00:00:00 2001
From: Dave Reisner <dreisner@archlinux.org>
Date: Mon, 29 Oct 2012 15:49:34 -0400
Subject: [PATCH] util: avoid divide by zero FPE

In early userspace, if kernel initialization happens extremely quickly,
a call to systemd-timestamp can potentially result in division by zero.
Ensure that the check in timespec_load, which only makes sense if tv_sec
is greater than zero, is guarded by this condition.
---
 src/shared/util.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/shared/util.c b/src/shared/util.c
index e2f8b1f..9a45e60 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -148,7 +148,8 @@ usec_t timespec_load(const struct timespec *ts) {
             ts->tv_nsec == (long) -1)
                 return (usec_t) -1;
 
-        if (USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))
+        if (ts->tv_sec > 0 &&
+            USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))
                 return (usec_t) -1;
 
         return
-- 
1.7.10.4

From fd09c93de9337c3df566180d04368353bb3662e7 Mon Sep 17 00:00:00 2001
From: Michal Schmidt <mschmidt@redhat.com>
Date: Mon, 29 Oct 2012 21:04:47 +0100
Subject: [PATCH] util: improve overflow checks

commit 49371bb fixed the observed division by zero, but missed another
occurrence of the same bug. It was also not the optimal fix. We can
simply make the divisor a constant by swapping it with the compared
value.
---
 src/shared/util.c |    5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/shared/util.c b/src/shared/util.c
index 9a45e60..8ec83e4 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -148,8 +148,7 @@ usec_t timespec_load(const struct timespec *ts) {
             ts->tv_nsec == (long) -1)
                 return (usec_t) -1;
 
-        if (ts->tv_sec > 0 &&
-            USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))
+        if ((usec_t) ts->tv_sec > (UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / USEC_PER_SEC)
                 return (usec_t) -1;
 
         return
@@ -179,7 +178,7 @@ usec_t timeval_load(const struct timeval *tv) {
             tv->tv_usec == (suseconds_t) -1)
                 return (usec_t) -1;
 
-        if (USEC_PER_SEC > (UINT64_MAX - tv->tv_usec) / (usec_t) tv->tv_sec)
+        if ((usec_t) tv->tv_sec > (UINT64_MAX - tv->tv_usec) / USEC_PER_SEC)
                 return (usec_t) -1;
 
         return
-- 
1.7.10.4
Accepting request 149703 from home:fcrozat:branches:Base:System - Add systemctl-options.patch: handle SYSTEMCTL_OPTIONS internaly (bnc#798620). - Update crypt-loop-file.patch to correctly detect crypto loop files (bnc#799514). - Add journalctl-remove-leftover-message.patch: remove debug message in systemctl. - Add job-avoid-recursion-when-cancelling.patch: prevent potential recursion when cancelling a service. - Add sysctl-parse-all-keys.patch: ensure sysctl file is fully parsed. - Add journal-fix-cutoff-max-date.patch: fix computation of cutoff max date for journal. - Add reword-rescue-mode-hints.patch: reword rescue prompt. - Add improve-overflow-checks.patch: improve time overflow checks. - Add fix-swap-behaviour-with-symlinks.patch: fix swap behaviour with symlinks. - Add hostnamectl-fix-set-hostname-with-no-argument.patch: ensure hostnamectl requires an argument when called with set-hostname option. - Add agetty-overrides-term.patch: pass correctly terminal type to agetty. - Add check-for-empty-strings-in-strto-conversions.patch: better check for empty strings in strto* conversions. - Add strv-cleanup-error-path-loops.patch: cleanup strv on error path. - Add cryptsetup-handle-plain.patch: correctly handle "plain" option in cryptsetup. - Add fstab-generator-improve-error-message.patch: improve error message in fstab-generator. - Add delta-accept-t-option.patch: accept -t option in OBS-URL: https://build.opensuse.org/request/show/149703 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=331 2013-01-23 14:44:07 +01:00			`From 3dd8ee8fa693597663b0338235becbb0b7a9520c Mon Sep 17 00:00:00 2001`
			`From: Michal Sekletar <msekleta@redhat.com>`
			`Date: Thu, 25 Oct 2012 16:16:17 +0200`
			`Subject: [PATCH] util: fix possible integer overflows`

			`---`
			`src/shared/util.c \| 6 ++++++`
			`1 file changed, 6 insertions(+)`

			`diff --git a/src/shared/util.c b/src/shared/util.c`
			`index 2d4a4c1..e2f8b1f 100644`
			`--- a/src/shared/util.c`
			`+++ b/src/shared/util.c`
			`@@ -148,6 +148,9 @@ usec_t timespec_load(const struct timespec *ts) {`
			`ts->tv_nsec == (long) -1)`
			`return (usec_t) -1;`

			`+ if (USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))`
			`+ return (usec_t) -1;`
			`+`
			`return`
			`(usec_t) ts->tv_sec * USEC_PER_SEC +`
			`(usec_t) ts->tv_nsec / NSEC_PER_USEC;`
			`@@ -175,6 +178,9 @@ usec_t timeval_load(const struct timeval *tv) {`
			`tv->tv_usec == (suseconds_t) -1)`
			`return (usec_t) -1;`

			`+ if (USEC_PER_SEC > (UINT64_MAX - tv->tv_usec) / (usec_t) tv->tv_sec)`
			`+ return (usec_t) -1;`
			`+`
			`return`
			`(usec_t) tv->tv_sec * USEC_PER_SEC +`
			`(usec_t) tv->tv_usec;`
			`--`
			`1.7.10.4`

			`From 49371bb50e0fe6e9e90309a20006bcfd9e2fa8f4 Mon Sep 17 00:00:00 2001`
			`From: Dave Reisner <dreisner@archlinux.org>`
			`Date: Mon, 29 Oct 2012 15:49:34 -0400`
			`Subject: [PATCH] util: avoid divide by zero FPE`

			`In early userspace, if kernel initialization happens extremely quickly,`
			`a call to systemd-timestamp can potentially result in division by zero.`
			`Ensure that the check in timespec_load, which only makes sense if tv_sec`
			`is greater than zero, is guarded by this condition.`
			`---`
			`src/shared/util.c \| 3 ++-`
			`1 file changed, 2 insertions(+), 1 deletion(-)`

			`diff --git a/src/shared/util.c b/src/shared/util.c`
			`index e2f8b1f..9a45e60 100644`
			`--- a/src/shared/util.c`
			`+++ b/src/shared/util.c`
			`@@ -148,7 +148,8 @@ usec_t timespec_load(const struct timespec *ts) {`
			`ts->tv_nsec == (long) -1)`
			`return (usec_t) -1;`

			`- if (USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))`
			`+ if (ts->tv_sec > 0 &&`
			`+ USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))`
			`return (usec_t) -1;`

			`return`
			`--`
			`1.7.10.4`

			`From fd09c93de9337c3df566180d04368353bb3662e7 Mon Sep 17 00:00:00 2001`
			`From: Michal Schmidt <mschmidt@redhat.com>`
			`Date: Mon, 29 Oct 2012 21:04:47 +0100`
			`Subject: [PATCH] util: improve overflow checks`

			`commit 49371bb fixed the observed division by zero, but missed another`
			`occurrence of the same bug. It was also not the optimal fix. We can`
			`simply make the divisor a constant by swapping it with the compared`
			`value.`
			`---`
			`src/shared/util.c \| 5 ++---`
			`1 file changed, 2 insertions(+), 3 deletions(-)`

			`diff --git a/src/shared/util.c b/src/shared/util.c`
			`index 9a45e60..8ec83e4 100644`
			`--- a/src/shared/util.c`
			`+++ b/src/shared/util.c`
			`@@ -148,8 +148,7 @@ usec_t timespec_load(const struct timespec *ts) {`
			`ts->tv_nsec == (long) -1)`
			`return (usec_t) -1;`

			`- if (ts->tv_sec > 0 &&`
			`- USEC_PER_SEC > ((UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / (usec_t) ts->tv_sec))`
			`+ if ((usec_t) ts->tv_sec > (UINT64_MAX - (ts->tv_nsec / NSEC_PER_USEC)) / USEC_PER_SEC)`
			`return (usec_t) -1;`

			`return`
			`@@ -179,7 +178,7 @@ usec_t timeval_load(const struct timeval *tv) {`
			`tv->tv_usec == (suseconds_t) -1)`
			`return (usec_t) -1;`

			`- if (USEC_PER_SEC > (UINT64_MAX - tv->tv_usec) / (usec_t) tv->tv_sec)`
			`+ if ((usec_t) tv->tv_sec > (UINT64_MAX - tv->tv_usec) / USEC_PER_SEC)`
			`return (usec_t) -1;`

			`return`
			`--`
			`1.7.10.4`