Bug #165: ASN1 parser date overflows - strongSwan

Bug #165

ASN1 parser date overflows

Added by Erick Turnquist over 8 years ago. Updated over 8 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Tobias Brunner

Category:

libstrongswan

Target version:

4.6.2

Start date:

20.12.2011

Due date:

Estimated time:

Affected version:

4.6.1

Resolution:

Description

I have discovered some C casting errors that cause extremely large ASN1 dates to overflow and go undetected. Attached to this issue is a patch to correct the errors I found. This will turn this incorrect expiration date:

not after Sep 02 01:04:44 1975, expired (13258 days ago)

into

not after Oct 09 07:33:00 2111, ok

asn1-date-overflow.patch (870 Bytes) asn1-date-overflow.patch

Erick Turnquist, 20.12.2011 10:08

History

#1 Updated by Tobias Brunner over 8 years ago

Category set to libstrongswan
Status changed from New to Resolved
Assignee set to Tobias Brunner
Target version set to 4.6.2

Hi Erick,

Thanks for the report. Fixed in master.

Regards,
Tobias

#2 Updated by Tobias Brunner over 8 years ago

Status changed from Resolved to Closed

Also available in: Atom PDF

Project

General

Profile

strongSwan

Issues

New issues

Bug #165

ASN1 parser date overflows

History

#1 Updated by Tobias Brunner over 8 years ago

#2 Updated by Tobias Brunner over 8 years ago