Kernel: Sanitize all user-supplied timeval's/timespec's

This also removes a bunch of unnecessary EINVAL. Most of them weren't even recommended by POSIX.
Author: https://github.com/BenWiederhake Commit: 8598240193 Pull-request: https://github.com/SerenityOS/serenity/pull/5323 Reviewed-by: https://github.com/ADKaster Reviewed-by: https://github.com/awesomekling Reviewed-by: https://github.com/bgianfo
2025-08-05 23:59:49 +00:00 · 2021-02-21 20:28:20 +01:00 · 2021-02-21 20:28:20 +01:00 · 8598240193 · 2024-07-18 21:48:10 +09:00
commit 8598240193
parent 649abc01bc
4 changed files with 42 additions and 28 deletions
--- a/Kernel/Net/Socket.cpp
+++ b/Kernel/Net/Socket.cpp
@ -106,14 +106,24 @@ KResult Socket::setsockopt(int level, int option, Userspace<const void*> user_va
    case SO_SNDTIMEO:
        if (user_value_size != sizeof(timeval))
            return EINVAL;
-        if (!copy_from_user(&m_send_timeout, static_ptr_cast<const timeval*>(user_value)))
-            return EFAULT;
+        {
+            auto timeout = copy_time_from_user(static_ptr_cast<const timeval*>(user_value));
+            if (!timeout.has_value())
+                return EFAULT;
+            // FIXME: Should use AK::Time internally
+            m_send_timeout = timeout->to_timeval();
+        }
        return KSuccess;
    case SO_RCVTIMEO:
        if (user_value_size != sizeof(timeval))
            return EINVAL;
-        if (!copy_from_user(&m_receive_timeout, static_ptr_cast<const timeval*>(user_value)))
-            return EFAULT;
+        {
+            auto timeout = copy_time_from_user(static_ptr_cast<const timeval*>(user_value));
+            if (!timeout.has_value())
+                return EFAULT;
+            // FIXME: Should use AK::Time internally
+            m_receive_timeout = timeout->to_timeval();
+        }
        return KSuccess;
    case SO_BINDTODEVICE: {
        if (user_value_size != IFNAMSIZ)