From dad18197321e39c593d85743e49c2c26486ccf63 Mon Sep 17 00:00:00 2001
From: dchagin <dchagin@FreeBSD.org>
Date: Sun, 27 Dec 2015 15:37:07 +0000
Subject: Verify that tv_sec value specified in settimeofday() and
 clock_settime() (CLOCK_REALTIME case) system calls is non negative. This
 commit hides a kernel panic in atrtc_settime() as the clock_ts_to_ct() does
 not properly convert negative tv_sec.

ps. in my opinion clock_ts_to_ct() should be rewritten to properly handle
negative tv_sec values.

Differential Revision:	https://reviews.freebsd.org/D4714
Reviewed by:		kib

MFC after:	1 week
---
 sys/kern/kern_time.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'sys/kern/kern_time.c')

diff --git a/sys/kern/kern_time.c b/sys/kern/kern_time.c
index 6ae0fb1..7705d9c 100644
--- a/sys/kern/kern_time.c
+++ b/sys/kern/kern_time.c
@@ -398,7 +398,8 @@ kern_clock_settime(struct thread *td, clockid_t clock_id, struct timespec *ats)
 		return (error);
 	if (clock_id != CLOCK_REALTIME)
 		return (EINVAL);
-	if (ats->tv_nsec < 0 || ats->tv_nsec >= 1000000000)
+	if (ats->tv_nsec < 0 || ats->tv_nsec >= 1000000000 ||
+	    ats->tv_sec < 0)
 		return (EINVAL);
 	/* XXX Don't convert nsec->usec and back */
 	TIMESPEC_TO_TIMEVAL(&atv, ats);
@@ -618,7 +619,8 @@ kern_settimeofday(struct thread *td, struct timeval *tv, struct timezone *tzp)
 		return (error);
 	/* Verify all parameters before changing time. */
 	if (tv) {
-		if (tv->tv_usec < 0 || tv->tv_usec >= 1000000)
+		if (tv->tv_usec < 0 || tv->tv_usec >= 1000000 ||
+		    tv->tv_sec < 0)
 			return (EINVAL);
 		error = settime(td, tv);
 	}
-- 
cgit v1.1