VFS: check nanoseconds in utimensat

utimensat() (and possibly other callers of do_utimes()) didn't check if the
nanosecond value was within the allowed range.

Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Cc: Ulrich Drepper <drepper@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/fs/utimes.c b/fs/utimes.c
index 682eb63b20ad3c4c7452870c3d9e6e832aea21e0..b9912ecbee241231ca0b776d9131af1e2643d80a 100644 (file)
--- a/fs/utimes.c
+++ b/fs/utimes.c
@@ -38,6 +38,14 @@ asmlinkage long sys_utime(char __user *filename, struct utimbuf __user *times)
 
 #endif
 
+static bool nsec_valid(long nsec)
+{
+       if (nsec == UTIME_OMIT || nsec == UTIME_NOW)
+               return true;
+
+       return nsec >= 0 && nsec <= 999999999;
+}
+
 /* If times==NULL, set access and modification to current time,
  * must be owner or have write permission.
  * Else, update from *times, must be owner or super user.
@@ -52,6 +60,11 @@ long do_utimes(int dfd, char __user *filename, struct timespec *times, int flags
        struct file *f = NULL;
 
        error = -EINVAL;
+       if (times && (!nsec_valid(times[0].tv_nsec) ||
+                     !nsec_valid(times[1].tv_nsec))) {
+               goto out;
+       }
+
        if (flags & ~AT_SYMLINK_NOFOLLOW)
                goto out;