wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4501 from embhorn/zd13114

Browse Source 
Fix wolfSSL_ASN1_TIME_diff use of gmtime and 32-bit overflow
This commit is contained in:
David Garske
2021-10-26 10:47:59 -07:00
committed by GitHub
parent 87baf7818e 19feab7850
commit 9c665d7282
2 changed files with 44 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
src/ssl.c
View File

@ -27466,6 +27466,15 @@ char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
int wolfSSL_ASN1_TIME_to_tm(const WOLFSSL_ASN1_TIME* asnTime, struct tm* tm)
{
time_t currentTime;
struct tm *tmpTs;
#if defined(NEED_TMP_TIME)
/* for use with gmtime_r */
struct tm tmpTimeStorage;
tmpTs = &tmpTimeStorage;
#else
tmpTs = NULL;
#endif
(void)tmpTs;
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_tm");
@ -27481,7 +27490,9 @@ int wolfSSL_ASN1_TIME_to_tm(const WOLFSSL_ASN1_TIME* asnTime, struct tm* tm)
WOLFSSL_MSG("Failed to get current time.");
return WOLFSSL_FAILURE;
}
if (XGMTIME(&currentTime, tm) == NULL) {
tm = XGMTIME(&currentTime, tmpTs);
if (tm == NULL) {
WOLFSSL_MSG("Failed to convert current time to UTC.");
return WOLFSSL_FAILURE;
}
@ -30185,11 +30196,20 @@ int wolfSSL_ASN1_TIME_diff(int *days, int *secs, const WOLFSSL_ASN1_TIME *from,
{
#if defined(XMKTIME) && defined(XDIFFTIME)
const int SECS_PER_DAY = 24 * 60 * 60;
struct tm fromTm;
struct tm toTm;
struct tm fromTm_s, *fromTm = &fromTm_s;
struct tm toTm_s, *toTm = &toTm_s;
time_t fromSecs;
time_t toSecs;
double diffSecs;
struct tm *tmpTs;
#if defined(NEED_TMP_TIME)
/* for use with gmtime_r */
struct tm tmpTimeStorage;
tmpTs = &tmpTimeStorage;
#else
tmpTs = NULL;
#endif
(void)tmpTs;
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_diff");
@ -30210,13 +30230,18 @@ int wolfSSL_ASN1_TIME_diff(int *days, int *secs, const WOLFSSL_ASN1_TIME *from,
if (from == NULL) {
fromSecs = XTIME(0);
XGMTIME(&fromSecs, &fromTm);
fromTm = XGMTIME(&fromSecs, tmpTs);
if (fromTm == NULL) {
WOLFSSL_MSG("XGMTIME for from time failed.");
return WOLFSSL_FAILURE;
}
}
else if (wolfSSL_ASN1_TIME_to_tm(from, &fromTm) != WOLFSSL_SUCCESS) {
else if (wolfSSL_ASN1_TIME_to_tm(from, fromTm) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Failed to convert from time to struct tm.");
return WOLFSSL_FAILURE;
}
fromSecs = XMKTIME(&fromTm);
fromSecs = XMKTIME(fromTm);
if (fromSecs < 0) {
WOLFSSL_MSG("XMKTIME for from time failed.");
return WOLFSSL_FAILURE;
@ -30224,13 +30249,18 @@ int wolfSSL_ASN1_TIME_diff(int *days, int *secs, const WOLFSSL_ASN1_TIME *from,
if (to == NULL) {
toSecs = XTIME(0);
XGMTIME(&toSecs, &toTm);
toTm = XGMTIME(&toSecs, tmpTs);
if (toTm == NULL) {
WOLFSSL_MSG("XGMTIME for to time failed.");
return WOLFSSL_FAILURE;
}
}
else if (wolfSSL_ASN1_TIME_to_tm(to, &toTm) != WOLFSSL_SUCCESS) {
else if (wolfSSL_ASN1_TIME_to_tm(to, toTm) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Failed to convert to time to struct tm.");
return WOLFSSL_FAILURE;
}
toSecs = XMKTIME(&toTm);
toSecs = XMKTIME(toTm);
if (toSecs < 0) {
WOLFSSL_MSG("XMKTIME for to time failed.");
return WOLFSSL_FAILURE;
@ -30238,7 +30268,7 @@ int wolfSSL_ASN1_TIME_diff(int *days, int *secs, const WOLFSSL_ASN1_TIME *from,
diffSecs = XDIFFTIME(toSecs, fromSecs);
*days = (int) (diffSecs / SECS_PER_DAY);
*secs = (int) (diffSecs - (*days * SECS_PER_DAY));
*secs = (int) (diffSecs - (((double)*days) * SECS_PER_DAY));
return WOLFSSL_SUCCESS;
#else

4
tests/api.c
View File

@ -30388,6 +30388,8 @@ static void test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
WOLFSSL_ASN1_GENERALIZEDTIME* asn1_gtime;
unsigned char nullstr[32];
printf(testingFmt, "test_wolfSSL_ASN1_GENERALIZEDTIME_free");
XMEMSET(nullstr, 0, 32);
asn1_gtime = (WOLFSSL_ASN1_GENERALIZEDTIME*)XMALLOC(
sizeof(WOLFSSL_ASN1_GENERALIZEDTIME), NULL,
@ -30400,6 +30402,8 @@ static void test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
XFREE(asn1_gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA */
}