From ea227af2d4fd09d5406d88c4b189c60cbcf70768 Mon Sep 17 00:00:00 2001
From: Sebastian Huber <sebastian.huber@embedded-brains.de>
Date: Mon, 13 Apr 2020 19:41:21 +0200
Subject: score: Check time of day in _TOD_Set()

Close #3949.
---
 cpukit/posix/src/clocksettime.c     |  3 ---
 cpukit/score/src/coretodset.c       | 21 ++++++++++++++++++++-
 testsuites/psxtests/psxclock/init.c | 25 +++++++++++++++++++++++++
 3 files changed, 45 insertions(+), 4 deletions(-)

diff --git a/cpukit/posix/src/clocksettime.c b/cpukit/posix/src/clocksettime.c
index 5bb6f2f14b..49e4761875 100644
--- a/cpukit/posix/src/clocksettime.c
+++ b/cpukit/posix/src/clocksettime.c
@@ -40,9 +40,6 @@ int clock_settime(
   if ( clock_id == CLOCK_REALTIME ) {
     ISR_lock_Context lock_context;
 
-    if ( tp->tv_sec < TOD_SECONDS_1970_THROUGH_1988 )
-      rtems_set_errno_and_return_minus_one( EINVAL );
-
     _TOD_Lock();
     _TOD_Acquire( &lock_context );
       status = _TOD_Set( tp, &lock_context );
diff --git a/cpukit/score/src/coretodset.c b/cpukit/score/src/coretodset.c
index ed840ece2b..b9a745d9b4 100644
--- a/cpukit/score/src/coretodset.c
+++ b/cpukit/score/src/coretodset.c
@@ -22,6 +22,25 @@
 #include <rtems/score/assert.h>
 #include <rtems/score/watchdogimpl.h>
 
+static Status_Control _TOD_Check_time_of_day_and_run_hooks(
+  const struct timespec *tod
+)
+{
+  if ( !_Watchdog_Is_valid_timespec( tod ) ) {
+    return STATUS_INVALID_NUMBER;
+  }
+
+  if ( tod->tv_sec < TOD_SECONDS_1970_THROUGH_1988 ) {
+    return STATUS_INVALID_NUMBER;
+  }
+
+  if ( _Watchdog_Is_far_future_timespec( tod ) ) {
+    return STATUS_INVALID_NUMBER;
+  }
+
+  return _TOD_Hook_Run( TOD_ACTION_SET_CLOCK, tod );
+}
+
 Status_Control _TOD_Set(
   const struct timespec *tod,
   ISR_lock_Context      *lock_context
@@ -35,7 +54,7 @@ Status_Control _TOD_Set(
 
   _Assert( _TOD_Is_owner() );
 
-  status = _TOD_Hook_Run( TOD_ACTION_SET_CLOCK, tod );
+  status = _TOD_Check_time_of_day_and_run_hooks( tod );
   if ( status != STATUS_SUCCESSFUL ) {
     _TOD_Release( lock_context );
     return status;
diff --git a/testsuites/psxtests/psxclock/init.c b/testsuites/psxtests/psxclock/init.c
index 40c224cec4..778637b4fd 100644
--- a/testsuites/psxtests/psxclock/init.c
+++ b/testsuites/psxtests/psxclock/init.c
@@ -96,16 +96,19 @@ static rtems_task Init(
   /* error cases in clock_gettime and clock_settime */
 
   puts( "Init: clock_gettime - EINVAL (NULL timespec)" );
+  errno = 0;
   sc = clock_gettime( CLOCK_REALTIME, NULL );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
 
   puts( "Init: clock_gettime - EINVAL (invalid clockid)" );
+  errno = 0;
   sc = clock_gettime( (clockid_t)-1, &tv );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
 
   puts( "Init: clock_settime - EINVAL (invalid clockid)" );
+  errno = 0;
   sc = clock_settime( (clockid_t)-1, &tv );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
@@ -115,6 +118,23 @@ static rtems_task Init(
   tv.tv_nsec = 0;
   printf( ctime( &tv.tv_sec ) );
   puts( "Init: clock_settime - before 1988 EINVAL" );
+  errno = 0;
+  sc = clock_settime( CLOCK_REALTIME, &tv );
+  rtems_test_assert( sc == -1 );
+  rtems_test_assert( errno == EINVAL );
+
+  puts( "Init: clock_settime - invalid nanoseconds EINVAL" );
+  tv.tv_sec = 946681200;
+  tv.tv_nsec = 2000000000;
+  errno = 0;
+  sc = clock_settime( CLOCK_REALTIME, &tv );
+  rtems_test_assert( sc == -1 );
+  rtems_test_assert( errno == EINVAL );
+
+  puts( "Init: clock_settime - far future EINVAL" );
+  tv.tv_sec = 17179869184;
+  tv.tv_nsec = 0;
+  errno = 0;
   sc = clock_settime( CLOCK_REALTIME, &tv );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
@@ -122,11 +142,13 @@ static rtems_task Init(
   /* exercise clock_getres */
 
   puts( "Init: clock_getres - EINVAL (invalid clockid)" );
+  errno = 0;
   sc = clock_getres( (clockid_t) -1, &tv );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
 
   puts( "Init: clock_getres - EINVAL (NULL resolution)" );
+  errno = 0;
   sc = clock_getres( CLOCK_REALTIME, NULL );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
@@ -196,6 +218,7 @@ static rtems_task Init(
   tv.tv_sec = 0;
   tv.tv_nsec = TOD_NANOSECONDS_PER_SECOND * 2;
   puts( "Init: nanosleep - EINVAL (too many nanoseconds)" );
+  errno = 0;
   sc = nanosleep ( &tv, &tr );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
@@ -204,6 +227,7 @@ static rtems_task Init(
   tv.tv_sec = -1;
   tv.tv_nsec = 0;
   puts( "Init: nanosleep - negative seconds - EINVAL" );
+  errno = 0;
   sc = nanosleep ( &tv, &tr );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
@@ -212,6 +236,7 @@ static rtems_task Init(
   tv.tv_sec = 0;
   tv.tv_nsec = -1;
   puts( "Init: nanosleep - negative nanoseconds - EINVAL" );
+  errno = 0;
   sc = nanosleep ( &tv, &tr );
   rtems_test_assert( sc == -1 );
   rtems_test_assert( errno == EINVAL );
-- 
cgit v1.2.3