From: Stephen Hemminger <shemminger@osdl.org>
Date: Thu, 19 Oct 2006 20:10:26 +0000 (-0700)
Subject: Trap possible overflow in usec values to netem
X-Git-Tag: v2.6.19-061214~36
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa56513034c839e444ab7ca986ddb178dece86c7;p=thirdparty%2Fiproute2.git

Trap possible overflow in usec values to netem
If user asks for large usec value it could overflow 32 bits.

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
---

diff --git a/tc/q_netem.c b/tc/q_netem.c
index 757edcaee..7fbc771c7 100644
--- a/tc/q_netem.c
+++ b/tc/q_netem.c
@@ -111,6 +111,11 @@ static int get_ticks(__u32 *ticks, const char *str)
 	if(get_usecs(&t, str))
 		return -1;
 	
+	if (tc_core_usec2big(t)) {
+		fprintf(stderr, "Illegal %d usecs (too large)\n", t);
+		return -1;
+	}
+
 	*ticks = tc_core_usec2tick(t);
 	return 0;
 }
diff --git a/tc/tc_core.c b/tc/tc_core.c
index 07cf2fa95..10c375ef8 100644
--- a/tc/tc_core.c
+++ b/tc/tc_core.c
@@ -27,6 +27,15 @@ static __u32 t2us=1;
 static __u32 us2t=1;
 static double tick_in_usec = 1;
 
+int tc_core_usec2big(long usec)
+{
+	__u64 t = usec;
+
+	t *= tick_in_usec;
+	return (t >> 32) != 0;
+}
+
+
 long tc_core_usec2tick(long usec)
 {
 	return usec*tick_in_usec;
diff --git a/tc/tc_core.h b/tc/tc_core.h
index 1537f95a7..65611b6d4 100644
--- a/tc/tc_core.h
+++ b/tc/tc_core.h
@@ -4,6 +4,7 @@
 #include <asm/types.h>
 #include <linux/pkt_sched.h>
 
+int  tc_core_usec2big(long usec);
 long tc_core_usec2tick(long usec);
 long tc_core_tick2usec(long tick);
 unsigned tc_calc_xmittime(unsigned rate, unsigned size);