Project

General

Profile

Bug #165

ASN1 parser date overflows

Added by Erick Turnquist over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Category:
libstrongswan
Target version:
Start date:
20.12.2011
Due date:
Estimated time:
Affected version:
4.6.1
Resolution:

Description

I have discovered some C casting errors that cause extremely large ASN1 dates to overflow and go undetected. Attached to this issue is a patch to correct the errors I found. This will turn this incorrect expiration date:

not after Sep 02 01:04:44 1975, expired (13258 days ago)

into

not after Oct 09 07:33:00 2111, ok

asn1-date-overflow.patch (870 Bytes) asn1-date-overflow.patch Erick Turnquist, 20.12.2011 10:08

History

#1 Updated by Tobias Brunner over 8 years ago

  • Category set to libstrongswan
  • Status changed from New to Resolved
  • Assignee set to Tobias Brunner
  • Target version set to 4.6.2

Hi Erick,

Thanks for the report. Fixed in master.

Regards,
Tobias

#2 Updated by Tobias Brunner over 8 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF