Opened 3 months ago

Closed 3 months ago

#23055 closed defect (fixed)

Y2106 bug in certificate expiration parsing.

Reported by: nickm Owned by: nickm
Priority: Medium Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor Version:
Severity: Trivial Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In this code:

  const uint32_t expiration_date = rsa_ed_crosscert_get_expiration(cc);
  const uint64_t expiration_time = expiration_date * 3600;

Coverity caught this as CID 1415728.

No backport, since all current Tor releases will be obsolete by the time anyone hits this bug.

Child Tickets

Change History (3)

comment:1 Changed 3 months ago by nickm

Owner: set to nickm
Status: newaccepted

comment:2 Changed 3 months ago by nickm

Summary: Y2038 bug in certificate expiration parsing.Y2106 bug in certificate expiration parsing.

comment:3 Changed 3 months ago by nickm

Resolution: fixed
Severity: NormalTrivial
Status: acceptedclosed

Fixed as 769a94d9ce570b9418ab8705dc95c99f9b8c2251.

Note: See TracTickets for help on using tickets.