[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Handle u32 overflow in ed25519 cert expiration time.
commit 0704fa8a63c2e203162c359e184e63b10c45630c
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Tue Aug 30 09:00:34 2016 -0400
Handle u32 overflow in ed25519 cert expiration time.
The impact here isn't too bad. First, the only affected certs that
expire after 32-bit signed time overflows in Y2038. Second, it could
only make it seem that a non-expired cert is expired: it could never
make it seem that an expired cert was still live.
Fixes bug 20027; bugfix on 0.2.7.2-alpha.
---
changes/bug20027 | 3 +++
src/or/torcert.c | 6 +++++-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/changes/bug20027 b/changes/bug20027
new file mode 100644
index 0000000..79d1540
--- /dev/null
+++ b/changes/bug20027
@@ -0,0 +1,3 @@
+ o Minor bugfixes (ed25519 certificates):
+ - Correctly interpret ed25519 certificates that would expire some
+ time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha.
diff --git a/src/or/torcert.c b/src/or/torcert.c
index 2629155..ef7775e 100644
--- a/src/or/torcert.c
+++ b/src/or/torcert.c
@@ -139,7 +139,11 @@ tor_cert_parse(const uint8_t *encoded, const size_t len)
cert->encoded_len = len;
memcpy(cert->signed_key.pubkey, parsed->certified_key, 32);
- cert->valid_until = parsed->exp_field * 3600;
+ const int64_t valid_until_64 = ((int64_t)parsed->exp_field) * 3600;
+ if (valid_until_64 > TIME_MAX)
+ cert->valid_until = TIME_MAX - 1;
+ else
+ cert->valid_until = (time_t) valid_until_64;
cert->cert_type = parsed->cert_type;
for (unsigned i = 0; i < ed25519_cert_getlen_ext(parsed); ++i) {
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits