diff options
-rw-r--r-- | src/journal/fsprg.c | 2 | ||||
-rw-r--r-- | src/journal/journal-file.h | 15 | ||||
-rw-r--r-- | src/journal/journal-verify.c | 9 |
3 files changed, 23 insertions, 3 deletions
diff --git a/src/journal/fsprg.c b/src/journal/fsprg.c index 34ce3be96b..2190b7c796 100644 --- a/src/journal/fsprg.c +++ b/src/journal/fsprg.c @@ -160,7 +160,7 @@ static gcry_mpi_t twopowmodphi(uint64_t m, const gcry_mpi_t p) { gcry_mpi_sub_ui(phi, p, 1); /* count number of used bits in m */ - for (n = 0; ((uint64_t)1 << n) <= m; n++) + for (n = 0; (1ULL << n) <= m; n++) ; r = gcry_mpi_new(0); diff --git a/src/journal/journal-file.h b/src/journal/journal-file.h index e2ef03347c..7358173e7a 100644 --- a/src/journal/journal-file.h +++ b/src/journal/journal-file.h @@ -119,6 +119,21 @@ int journal_file_open_reliably( #define ALIGN64(x) (((x) + 7ULL) & ~7ULL) #define VALID64(x) (((x) & 7ULL) == 0ULL) +static inline bool VALID_REALTIME(uint64_t u) { + /* This considers timestamps until the year 3112 valid. That should be plenty room... */ + return u > 0 && u < (1ULL << 55); +} + +static inline bool VALID_MONOTONIC(uint64_t u) { + /* This considers timestamps until 1142 years of runtime valid. */ + return u < (1ULL << 55); +} + +static inline bool VALID_EPOCH(uint64_t u) { + /* This allows changing the key for 1142 years, every usec. */ + return u < (1ULL << 55); +} + #define JOURNAL_HEADER_CONTAINS(h, field) \ (le64toh((h)->header_size) >= offsetof(Header, field) + sizeof((h)->field)) diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c index a31817671b..535b2727ac 100644 --- a/src/journal/journal-verify.c +++ b/src/journal/journal-verify.c @@ -35,8 +35,8 @@ /* FIXME: * - * - write bit mucking test * - evolve key even if nothing happened in regular intervals + * - add macro for accessing flags * * - Allow building without libgcrypt * - check with sparse @@ -115,7 +115,8 @@ static int journal_file_object_verify(JournalFile *f, Object *o) { return -EBADMSG; if (le64toh(o->entry.seqnum) <= 0 || - le64toh(o->entry.realtime) <= 0) + !VALID_REALTIME(le64toh(o->entry.realtime)) || + !VALID_MONOTONIC(le64toh(o->entry.monotonic))) return -EBADMSG; for (i = 0; i < journal_file_entry_n_items(o); i++) { @@ -169,6 +170,10 @@ static int journal_file_object_verify(JournalFile *f, Object *o) { case OBJECT_TAG: if (le64toh(o->object.size) != sizeof(TagObject)) return -EBADMSG; + + if (!VALID_EPOCH(o->tag.epoch)) + return -EBADMSG; + break; } |