From 3df11946504668da47b76edf2a50247643020aff Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Fri, 17 Apr 1998 00:56:48 +0000 Subject: [PATCH] * asn1_encode.c (asn1_encode_generaltime): Sanity check the return from gmtime() to avoid overruns. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10534 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/asn.1/ChangeLog | 5 +++++ src/lib/krb5/asn.1/asn1_encode.c | 12 +++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog index f15192816..de87d7766 100644 --- a/src/lib/krb5/asn.1/ChangeLog +++ b/src/lib/krb5/asn.1/ChangeLog @@ -1,3 +1,8 @@ +Thu Apr 16 17:01:27 1998 Tom Yu + + * asn1_encode.c (asn1_encode_generaltime): Sanity check the return + from gmtime() to avoid overruns. + Fri Feb 27 18:03:33 1998 Theodore Ts'o * Makefile.in: Changed thisconfigdir to point at the lib/krb5 diff --git a/src/lib/krb5/asn.1/asn1_encode.c b/src/lib/krb5/asn.1/asn1_encode.c index 16c25ca24..826fc94af 100644 --- a/src/lib/krb5/asn.1/asn1_encode.c +++ b/src/lib/krb5/asn.1/asn1_encode.c @@ -203,7 +203,17 @@ asn1_error_code asn1_encode_generaltime(buf, val, retlen) gmt_time = val + EPOCH; gtime = gmtime(&gmt_time); - /* Time encoding: YYYYMMDDhhmmssZ */ + /* + * Time encoding: YYYYMMDDhhmmssZ + * + * Sanity check this just to be paranoid, as gmtime can return NULL, + * and some bogus implementations might overrun on the sprintf. + */ + if (gtime == NULL || + gtime->tm_year > 9999 || gtime->tm_mon > 11 || + gtime->tm_mday > 31 || gtime->tm_hour > 23 || + gtime->tm_min > 59 || gtime->tm_sec > 59) + return ASN1_BAD_GMTIME; sprintf(s, "%04d%02d%02d%02d%02d%02dZ", 1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday, gtime->tm_hour, gtime->tm_min, gtime->tm_sec); -- 2.26.2