[rtems commit] posix: Fix sem_init() with too large initial value

Sebastian Huber sebh at rtems.org
Fri May 27 06:14:25 UTC 2016


Module:    rtems
Branch:    master
Commit:    d887c1b5b30733fd2d6cf07a4a264f57ab9f4b4b
Changeset: http://git.rtems.org/rtems/commit/?id=d887c1b5b30733fd2d6cf07a4a264f57ab9f4b4b

Author:    Sebastian Huber <sebastian.huber at embedded-brains.de>
Date:      Wed May 25 14:28:34 2016 +0200

posix: Fix sem_init() with too large initial value

Close #2721.

---

 cpukit/posix/src/seminit.c          |  7 ++++++-
 testsuites/psxtests/psxsem01/init.c | 12 ++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/cpukit/posix/src/seminit.c b/cpukit/posix/src/seminit.c
index cc47312..249edf6 100644
--- a/cpukit/posix/src/seminit.c
+++ b/cpukit/posix/src/seminit.c
@@ -43,8 +43,13 @@ int sem_init(
   int                        status;
   POSIX_Semaphore_Control   *the_semaphore;
 
-  if ( !sem )
+  if ( sem == NULL ) {
     rtems_set_errno_and_return_minus_one( EINVAL );
+  }
+
+  if ( value > SEM_VALUE_MAX ) {
+    rtems_set_errno_and_return_minus_one( EINVAL );
+  }
 
   _Objects_Allocator_lock();
   status = _POSIX_Semaphore_Create_support(
diff --git a/testsuites/psxtests/psxsem01/init.c b/testsuites/psxtests/psxsem01/init.c
index 1bec5c6..023f79a 100644
--- a/testsuites/psxtests/psxsem01/init.c
+++ b/testsuites/psxtests/psxsem01/init.c
@@ -109,6 +109,17 @@ static void test_sem_post_overflow(void)
   rtems_test_assert( rv == 0 );
 }
 
+static void test_sem_init_too_large_inital_value(void)
+{
+  sem_t sem;
+  int   rv;
+
+  errno = 0;
+  rv = sem_init( &sem, 0, SEM_VALUE_MAX + 1 );
+  rtems_test_assert( rv == -1 );
+  rtems_test_assert( errno == EINVAL );
+}
+
 void *POSIX_Init(
   void *argument
 )
@@ -379,6 +390,7 @@ void *POSIX_Init(
 
   test_sem_wait_during_delete();
   test_sem_post_overflow();
+  test_sem_init_too_large_inital_value();
 
   /* Try adding in unlinking before closing... (can we still open?) */
 



More information about the vc mailing list