mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-08-01 13:49:16 +00:00
Kernel: Sanitize all user-supplied timeval's/timespec's
This also removes a bunch of unnecessary EINVAL. Most of them weren't even recommended by POSIX.
This commit is contained in:
parent
649abc01bc
commit
8598240193
Notes:
sideshowbarker
2024-07-18 21:48:10 +09:00
Author: https://github.com/BenWiederhake
Commit: 8598240193
Pull-request: https://github.com/SerenityOS/serenity/pull/5323
Reviewed-by: https://github.com/ADKaster
Reviewed-by: https://github.com/awesomekling
Reviewed-by: https://github.com/bgianfo
4 changed files with 42 additions and 28 deletions
|
@ -106,14 +106,24 @@ KResult Socket::setsockopt(int level, int option, Userspace<const void*> user_va
|
|||
case SO_SNDTIMEO:
|
||||
if (user_value_size != sizeof(timeval))
|
||||
return EINVAL;
|
||||
if (!copy_from_user(&m_send_timeout, static_ptr_cast<const timeval*>(user_value)))
|
||||
return EFAULT;
|
||||
{
|
||||
auto timeout = copy_time_from_user(static_ptr_cast<const timeval*>(user_value));
|
||||
if (!timeout.has_value())
|
||||
return EFAULT;
|
||||
// FIXME: Should use AK::Time internally
|
||||
m_send_timeout = timeout->to_timeval();
|
||||
}
|
||||
return KSuccess;
|
||||
case SO_RCVTIMEO:
|
||||
if (user_value_size != sizeof(timeval))
|
||||
return EINVAL;
|
||||
if (!copy_from_user(&m_receive_timeout, static_ptr_cast<const timeval*>(user_value)))
|
||||
return EFAULT;
|
||||
{
|
||||
auto timeout = copy_time_from_user(static_ptr_cast<const timeval*>(user_value));
|
||||
if (!timeout.has_value())
|
||||
return EFAULT;
|
||||
// FIXME: Should use AK::Time internally
|
||||
m_receive_timeout = timeout->to_timeval();
|
||||
}
|
||||
return KSuccess;
|
||||
case SO_BINDTODEVICE: {
|
||||
if (user_value_size != IFNAMSIZ)
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue