From 83a06bf50bdf2074b9404951ff60e142d159d93b Mon Sep 17 00:00:00 2001 From: Marcelo Roberto Jimenez Date: Wed, 2 Feb 2011 16:04:02 -0200 Subject: [PATCH] RTC: Prevents a division by zero in kernel code. This patch prevents a user space program from calling the RTC_IRQP_SET ioctl with a negative value of frequency. Also, if this call is make with a zero value of frequency, there would be a division by zero in the kernel code. [jstultz: Also initialize irq_freq to 1 to catch other divbyzero issues] CC: Alessandro Zummo CC: Thomas Gleixner Signed-off-by: Marcelo Roberto Jimenez Signed-off-by: John Stultz --- drivers/rtc/class.c | 1 + drivers/rtc/interface.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/drivers/rtc/class.c b/drivers/rtc/class.c index 9583cbcc6b7..c404b61386b 100644 --- a/drivers/rtc/class.c +++ b/drivers/rtc/class.c @@ -143,6 +143,7 @@ struct rtc_device *rtc_device_register(const char *name, struct device *dev, rtc->id = id; rtc->ops = ops; rtc->owner = owner; + rtc->irq_freq = 1; rtc->max_user_freq = 64; rtc->dev.parent = dev; rtc->dev.class = rtc_class; diff --git a/drivers/rtc/interface.c b/drivers/rtc/interface.c index 925006d3310..a0c01967244 100644 --- a/drivers/rtc/interface.c +++ b/drivers/rtc/interface.c @@ -464,6 +464,9 @@ int rtc_irq_set_freq(struct rtc_device *rtc, struct rtc_task *task, int freq) int err = 0; unsigned long flags; + if (freq <= 0) + return -EINVAL; + spin_lock_irqsave(&rtc->irq_task_lock, flags); if (rtc->irq_task != NULL && task == NULL) err = -EBUSY; -- 2.41.0