nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Bug 23055: cast, then multiply when doing u32*u32->u64.

Browse Source 
No backport, since this bug won't trigger until people make
certificates expiring after the Y2106 deadline.

CID 1415728
This commit is contained in:
Nick Mathewson 2017-07-28 10:31:12 -04:00
parent accb734c5f
commit 769a94d9ce
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
changes/bug23055 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (certificate handling):
- Fix a time handling bug in Tor certificates set to expire after
the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha.
Found by Coverity as CID 1415728.

2
src/or/torcert.c
View File

@ -393,7 +393,7 @@ rsa_ed25519_crosscert_check(const uint8_t *crosscert,
} }
const uint32_t expiration_date = rsa_ed_crosscert_get_expiration(cc); const uint32_t expiration_date = rsa_ed_crosscert_get_expiration(cc);
const uint64_t expiration_time = expiration_date * 3600; const uint64_t expiration_time = ((uint64_t)expiration_date) * 3600;
if (reject_if_expired_before < 0 || if (reject_if_expired_before < 0 ||
expiration_time < (uint64_t)reject_if_expired_before) { expiration_time < (uint64_t)reject_if_expired_before) {