From: tedu Date: Wed, 6 Jul 2016 15:53:01 +0000 (+0000) Subject: fix several places where calculating ticks could overflow. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ade4dc82a7d10bf06baa32184f39c3f5b1e1ac9e;p=openbsd fix several places where calculating ticks could overflow. it's not enough to assign to an unsigned type because if the arithmetic overflows the compiler may decide to do anything. so change all the long long casts to uint64_t so that we start with the right type. reported by Tim Newsham of NCC. ok deraadt
---
diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c
index ad89f681555..0d9eb786495 100644
--- a/sys/kern/kern_sig.c
+++ b/sys/kern/kern_sig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_sig.c,v 1.200 2016/06/27 19:55:02 jca Exp $ */
+/* $OpenBSD: kern_sig.c,v 1.201 2016/07/06 15:53:01 tedu Exp $ */
 /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */
 /*
@@ -1720,7 +1720,7 @@ sys___thrsigdivert(struct proc *p, void *v, register_t *retval)
 sigset_t *m;
 sigset_t mask = SCARG(uap, sigmask) &~ sigcantmask;
 siginfo_t si;
- long long to_ticks = 0;
+ uint64_t to_ticks = 0;
 int timeinvalid = 0;
 int error = 0;
@@ -1737,7 +1737,7 @@ sys___thrsigdivert(struct proc *p, void *v, register_t *retval)
 if (ts.tv_nsec < 0 || ts.tv_nsec >= 1000000000)
 timeinvalid = 1;
 else {
- to_ticks = (long long)hz * ts.tv_sec +
+ to_ticks = (uint64_t)hz * ts.tv_sec +
 ts.tv_nsec / (tick * 1000);
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
diff --git a/sys/kern/kern_synch.c b/sys/kern/kern_synch.c
index d72e0f5f3c3..1e3d682798a 100644
--- a/sys/kern/kern_synch.c
+++ b/sys/kern/kern_synch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_synch.c,v 1.132 2016/07/04 16:12:52 tedu Exp $ */
+/* $OpenBSD: kern_synch.c,v 1.133 2016/07/06 15:53:01 tedu Exp $ */
 /* $NetBSD: kern_synch.c,v 1.37 1996/04/22 01:38:37 christos Exp $ */
 /*
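Review bot: In the `sys___thrsigdivert` hunk at line 1737, `(uint64_t)hz * ts.tv_sec` can still wrap modulo 2^64, so a very large `tv_sec` may reach the `to_ticks > INT_MAX` clamp as a small tick count, and a negative `tv_sec` turns into a huge unsigned value that is clamped to `INT_MAX` rather than rejected (this assumes `tv_sec` is a signed 64-bit `time_t`; its type is not visible here). The cast makes the overflow defined, not absent, and only `tv_nsec` is range-checked in the visible lines. Bounding the seconds before multiplying closes both cases, for example `if (ts.tv_sec < 0) timeinvalid = 1;` (if negative timeouts are meant to be invalid) and `else if (ts.tv_sec > INT_MAX / hz) to_ticks = INT_MAX;` ahead of the existing computation. The same expression shape appears in the `thrsleep` hunk and in `timeout_add_tv`, `timeout_add_ts` and `timeout_add_bt`. The function body starts and ends outside the hunk.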
@@ -491,7 +491,7 @@ thrsleep(struct proc *p, struct sys___thrsleep_args *v)
 long ident = (long)SCARG(uap, ident);
 struct timespec *tsp = (struct timespec *)SCARG(uap, tp);
 void *lock = SCARG(uap, lock);
- unsigned long long to_ticks = 0;
+ uint64_t to_ticks = 0;
 int abort, error;
 clockid_t clock_id = SCARG(uap, clock_id) & 0x7;
 int lockflags = SCARG(uap, clock_id) & 0x8;
@@ -516,7 +516,7 @@ thrsleep(struct proc *p, struct sys___thrsleep_args *v)
 }
 timespecsub(tsp, &now, tsp);
- to_ticks = (long long)hz * tsp->tv_sec +
+ to_ticks = (uint64_t)hz * tsp->tv_sec +
 (tsp->tv_nsec + tick * 1000 - 1) / (tick * 1000) + 1;
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
diff --git a/sys/kern/kern_tc.c b/sys/kern/kern_tc.c
index 18f8ecbd29d..948fc2631f0 100644
--- a/sys/kern/kern_tc.c
+++ b/sys/kern/kern_tc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_tc.c,v 1.28 2014/12/10 02:44:47 tedu Exp $ */
+/* $OpenBSD: kern_tc.c,v 1.29 2016/07/06 15:53:01 tedu Exp $ */
 /*
 * Copyright (c) 2000 Poul-Henning Kamp
@@ -357,7 +357,7 @@ tc_setclock(struct timespec *ts)
 /* convert the bintime to ticks */
 bintime_sub(&bt, &bt2);
 bintime_add(&naptime, &bt);
- adj_ticks = (long long)hz * bt.sec +
+ adj_ticks = (uint64_t)hz * bt.sec +
 (((uint64_t)1000000 * (uint32_t)(bt.frac >> 32)) >> 32) / tick;
 if (adj_ticks > 0) {
 if (adj_ticks > INT_MAX)
diff --git a/sys/kern/kern_timeout.c b/sys/kern/kern_timeout.c
index 8862af246f9..b4ec8cdb4b2 100644
--- a/sys/kern/kern_timeout.c
+++ b/sys/kern/kern_timeout.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_timeout.c,v 1.47 2016/06/23 18:41:44 stefan Exp $ */
+/* $OpenBSD: kern_timeout.c,v 1.48 2016/07/06 15:53:01 tedu Exp $ */
 /*
 * Copyright (c) 2001 Thomas Nordin
 * Copyright (c) 2000-2001 Artur Grabowski
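Review bot: In the `tc_setclock` hunk, `adj_ticks` is declared outside the hunk and its declaration is not touched, so the new `uint64_t` expression is converted to whatever type it has on assignment. If that type is still signed, the `adj_ticks > 0` test depends on an implementation-defined out-of-range conversion to recognise a negative delta; if it is unsigned, the test only excludes zero. Either way the intent should be written down at the assignment, for example `/* computed unsigned to avoid signed-overflow UB; converted to adj_ticks's type on assignment */`, or the declaration should be changed alongside the cast as was done for `to_ticks` in the other hunks. The function body starts and ends outside the hunk.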
@@ -202,9 +202,9 @@ timeout_add(struct timeout *new, int to_ticks)
 int
 timeout_add_tv(struct timeout *to, const struct timeval *tv)
 {
- long long to_ticks;
+ uint64_t to_ticks;
- to_ticks = (long long)hz * tv->tv_sec + tv->tv_usec / tick;
+ to_ticks = (uint64_t)hz * tv->tv_sec + tv->tv_usec / tick;
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
 if (to_ticks == 0 && tv->tv_usec > 0)
@@ -216,9 +216,9 @@ timeout_add_tv(struct timeout *to, const struct timeval *tv)
 int
 timeout_add_ts(struct timeout *to, const struct timespec *ts)
 {
- long long to_ticks;
+ uint64_t to_ticks;
- to_ticks = (long long)hz * ts->tv_sec + ts->tv_nsec / (tick * 1000);
+ to_ticks = (uint64_t)hz * ts->tv_sec + ts->tv_nsec / (tick * 1000);
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
 if (to_ticks == 0 && ts->tv_nsec > 0)
@@ -230,9 +230,9 @@ timeout_add_ts(struct timeout *to, const struct timespec *ts)
 int
 timeout_add_bt(struct timeout *to, const struct bintime *bt)
 {
- long long to_ticks;
+ uint64_t to_ticks;
- to_ticks = (long long)hz * bt->sec + (long)(((uint64_t)1000000 *
+ to_ticks = (uint64_t)hz * bt->sec + (long)(((uint64_t)1000000 *
 (uint32_t)(bt->frac >> 32)) >> 32) / tick;
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
@@ -245,9 +245,9 @@ timeout_add_bt(struct timeout *to, const struct bintime *bt)
 int
 timeout_add_sec(struct timeout *to, int secs)
 {
- long long to_ticks;
+ uint64_t to_ticks;
- to_ticks = (long long)hz * secs;
+ to_ticks = (uint64_t)hz * secs;
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
@@ -257,9 +257,9 @@ timeout_add_sec(struct timeout *to, int secs)
 int
 timeout_add_msec(struct timeout *to, int msecs)
 {
- long long to_ticks;
+ uint64_t to_ticks;
- to_ticks = (long long)msecs * 1000 / tick;
+ to_ticks = (uint64_t)msecs * 1000 / tick;
 if (to_ticks > INT_MAX)
 to_ticks = INT_MAX;
 if (to_ticks == 0 && msecs > 0)
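Review bot: In `timeout_add_sec` and `timeout_add_msec`, a negative `secs` or `msecs` is now converted to a very large unsigned value and clamped to `INT_MAX`, where the old signed arithmetic yielded a negative tick count that was handed on unchanged. A caller bug that passes a negative interval therefore turns into a maximum-length timeout with no diagnostic; whether `timeout_add` previously caught the negative value cannot be seen from these hunks. If negative arguments are never valid, an explicit check before the multiplication keeps the failure visible, e.g. `KASSERT(secs >= 0);` and `KASSERT(msecs >= 0);`. The same conversion applies to a negative `tv_usec / tick` or `tv_nsec / (tick * 1000)` quotient in `timeout_add_tv` and `timeout_add_ts`. Each function's `return` lies outside its hunk.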