Changeset 23389

Timestamp:

09/14/07 13:59:58 (15 months ago)

Author:

zarzycki@…

Message:

Better bounds checking.

Files:

• trunk/launchd/src/launchd_core_logic.c (modified) (6 diffs)

trunk/launchd/src/launchd_core_logic.c

@@ -352 +352 @@
         uint64_t start_time;
         uint32_t min_run_time;
-        unsigned int start_interval;
+        uint32_t start_interval;
         unsigned int checkedin:1, anonymous:1, debug:1, inetcompat:1, inetcompat_wait:1,
                      ondemand:1, session_create:1, low_pri_io:1, no_init_groups:1, priv_port_has_senders:1,
@@ -1419 +1419 @@
                 if (strcasecmp(key, LAUNCH_JOBKEY_EXITTIMEOUT) == 0) {
                         if (value < 0) {
-                                job_log(j, LOG_WARNING, "Exit timeout less zero. Ignoring.");
+                                job_log(j, LOG_WARNING, "%s less than zero. Ignoring.", LAUNCH_JOBKEY_EXITTIMEOUT);
+                        } else if (value > UINT32_MAX) {
+                                job_log(j, LOG_WARNING, "%s is too large. Ignoring.", LAUNCH_JOBKEY_EXITTIMEOUT);
                         } else {
                                 j->exit_timeout = value;
@@ -1435 +1437 @@
         case 'T':
                 if (strcasecmp(key, LAUNCH_JOBKEY_TIMEOUT) == 0) {
-                        if (value <= 0) {
-                                job_log(j, LOG_WARNING, "Timeout less than or equal to zero. Ignoring.");
+                        if (value < 0) {
+                                job_log(j, LOG_WARNING, "%s less than zero. Ignoring.", LAUNCH_JOBKEY_TIMEOUT);
+                        } else if (value > UINT32_MAX) {
+                                job_log(j, LOG_WARNING, "%s is too large. Ignoring.", LAUNCH_JOBKEY_TIMEOUT);
                         } else {
                                 j->timeout = value;
@@ -1443 +1447 @@
                         if (value < 0) {
                                 job_log(j, LOG_WARNING, "%s less than zero. Ignoring.", LAUNCH_JOBKEY_THROTTLEINTERVAL);
+                        } else if (value > UINT32_MAX) {
+                                job_log(j, LOG_WARNING, "%s is too large. Ignoring.", LAUNCH_JOBKEY_THROTTLEINTERVAL);
                         } else {
                                 j->min_run_time = value;
@@ -1459 +1465 @@
                 if (strcasecmp(key, LAUNCH_JOBKEY_STARTINTERVAL) == 0) {
                         if (value <= 0) {
-                                job_log(j, LOG_WARNING, "StartInterval is not greater than zero, ignoring");
+                                job_log(j, LOG_WARNING, "%s is not greater than zero. Ignoring.", LAUNCH_JOBKEY_STARTINTERVAL);
+                        } else if (value > UINT32_MAX) {
+                                job_log(j, LOG_WARNING, "%s is too large. Ignoring.", LAUNCH_JOBKEY_STARTINTERVAL);
                         } else {
                                 runtime_add_ref();
                                 j->start_interval = value;
-                        }
-                        if (-1 == kevent_mod((uintptr_t)&j->start_interval, EVFILT_TIMER, EV_ADD, NOTE_SECONDS, value, j)) {
-                                job_log_error(j, LOG_ERR, "adding kevent timer");
+
+                                job_assumes(j, kevent_mod((uintptr_t)&j->start_interval, EVFILT_TIMER, EV_ADD, NOTE_SECONDS, value, j) != -1);
                         }
                 } else if (strcasecmp(key, LAUNCH_JOBKEY_SANDBOXFLAGS) == 0) {
@@ -5193 +5200 @@
                 break;
         case VPROC_GSK_START_INTERVAL:
-                if ((unsigned int)inval > 0) {
+                if ((uint64_t)inval > UINT32_MAX) {
+                        kr = 1;
+                } else if (inval) {
                         if (j->start_interval == 0) {
                                 runtime_add_ref();