mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-10-27 10:25:06 +03:00
journal: validate timestamps as well
This commit is contained in:
parent
84168d8068
commit
fc89a13992
@ -160,7 +160,7 @@ static gcry_mpi_t twopowmodphi(uint64_t m, const gcry_mpi_t p) {
|
||||
gcry_mpi_sub_ui(phi, p, 1);
|
||||
|
||||
/* count number of used bits in m */
|
||||
for (n = 0; ((uint64_t)1 << n) <= m; n++)
|
||||
for (n = 0; (1ULL << n) <= m; n++)
|
||||
;
|
||||
|
||||
r = gcry_mpi_new(0);
|
||||
|
@ -119,6 +119,21 @@ int journal_file_open_reliably(
|
||||
#define ALIGN64(x) (((x) + 7ULL) & ~7ULL)
|
||||
#define VALID64(x) (((x) & 7ULL) == 0ULL)
|
||||
|
||||
static inline bool VALID_REALTIME(uint64_t u) {
|
||||
/* This considers timestamps until the year 3112 valid. That should be plenty room... */
|
||||
return u > 0 && u < (1ULL << 55);
|
||||
}
|
||||
|
||||
static inline bool VALID_MONOTONIC(uint64_t u) {
|
||||
/* This considers timestamps until 1142 years of runtime valid. */
|
||||
return u < (1ULL << 55);
|
||||
}
|
||||
|
||||
static inline bool VALID_EPOCH(uint64_t u) {
|
||||
/* This allows changing the key for 1142 years, every usec. */
|
||||
return u < (1ULL << 55);
|
||||
}
|
||||
|
||||
#define JOURNAL_HEADER_CONTAINS(h, field) \
|
||||
(le64toh((h)->header_size) >= offsetof(Header, field) + sizeof((h)->field))
|
||||
|
||||
|
@ -35,8 +35,8 @@
|
||||
|
||||
/* FIXME:
|
||||
*
|
||||
* - write bit mucking test
|
||||
* - evolve key even if nothing happened in regular intervals
|
||||
* - add macro for accessing flags
|
||||
*
|
||||
* - Allow building without libgcrypt
|
||||
* - check with sparse
|
||||
@ -115,7 +115,8 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
|
||||
return -EBADMSG;
|
||||
|
||||
if (le64toh(o->entry.seqnum) <= 0 ||
|
||||
le64toh(o->entry.realtime) <= 0)
|
||||
!VALID_REALTIME(le64toh(o->entry.realtime)) ||
|
||||
!VALID_MONOTONIC(le64toh(o->entry.monotonic)))
|
||||
return -EBADMSG;
|
||||
|
||||
for (i = 0; i < journal_file_entry_n_items(o); i++) {
|
||||
@ -169,6 +170,10 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
|
||||
case OBJECT_TAG:
|
||||
if (le64toh(o->object.size) != sizeof(TagObject))
|
||||
return -EBADMSG;
|
||||
|
||||
if (!VALID_EPOCH(o->tag.epoch))
|
||||
return -EBADMSG;
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user