Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Handle u32 overflow in ed25519 cert expiration time.

The impact here isn't too bad. First, the only affected certs that
expire after 32-bit signed time overflows in Y2038. Second, it could
only make it seem that a non-expired cert is expired: it could never
make it seem that an expired cert was still live.

Fixes bug 20027; bugfix on 0.2.7.2-alpha.
Nick Mathewson 7 years ago
parent
fae7060aea
commit
0704fa8a63
2 changed files with 8 additions and 1 deletions
Split View Show Diff Stats
  1. 3 0
      changes/bug20027
  2. 5 1
      src/or/torcert.c

+ 3 - 0
changes/bug20027
View File 

@@ -0,0 +1,3 @@
 
+  o Minor bugfixes (ed25519 certificates):
 
+    - Correctly interpret ed25519 certificates that would expire some
 
+      time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha.

+ 5 - 1
src/or/torcert.c
View File 

@@ -139,7 +139,11 @@ tor_cert_parse(const uint8_t *encoded, const size_t len)
 
   cert->encoded_len = len;
 
 
   memcpy(cert->signed_key.pubkey, parsed->certified_key, 32);
 
-  cert->valid_until = parsed->exp_field * 3600;
 
+  const int64_t valid_until_64 = ((int64_t)parsed->exp_field) * 3600;
 
+  if (valid_until_64 > TIME_MAX)
 
+    cert->valid_until = TIME_MAX - 1;
 
+  else
 
+    cert->valid_until = (time_t) valid_until_64;
 
   cert->cert_type = parsed->cert_type;
 
 
   for (unsigned i = 0; i < ed25519_cert_getlen_ext(parsed); ++i) {