[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20151218000224.29483.61861.stgit@warthog.procyon.org.uk>
Date: Fri, 18 Dec 2015 00:02:24 +0000
From: David Howells <dhowells@...hat.com>
To: keyrings@...r.kernel.org
Cc: David Woodhouse <David.Woodhouse@...el.com>,
Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org,
stable@...r.kernel.org, dhowells@...hat.com,
linux-security-module@...r.kernel.org,
Rudolf Polzer <rpolzer@...gle.com>,
John Stultz <john.stultz@...aro.org>
Subject: [PATCH 5/5] X.509: Handle midnight alternative notation in
GeneralizedTime
The ASN.1 GeneralizedTime object carries an ISO8601 format date and time.
The time is permitted to show midnight as 00:00 or 24:00 (the latter being
equivalent of 00:00 of the following day).
The permitted value is checked in x509_decode_time() but the actual
handling is left to mktime64().
Without this patch, certain X.509 certificates will be rejected and could
lead to an unbootable kernel.
Reported-by: Rudolf Polzer <rpolzer@...gle.com>
Signed-off-by: David Howells <dhowells@...hat.com>
cc: David Woodhouse <David.Woodhouse@...el.com>
cc: John Stultz <john.stultz@...aro.org>
cc: Arnd Bergmann <arnd@...db.de>
cc: stable@...r.kernel.org
---
crypto/asymmetric_keys/x509_cert_parser.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index 9be2caebc57b..b9de251c419c 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -497,7 +497,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen,
static const unsigned char month_lengths[] = { 31, 28, 31, 30, 31, 30,
31, 31, 30, 31, 30, 31 };
const unsigned char *p = value;
- unsigned year, mon, day, hour, min, sec, mon_len, max_sec;
+ unsigned year, mon, day, hour, min, sec, mon_len, max_sec, max_hour;
#define dec2bin(X) ({ unsigned char x = (X) - '0'; if (x > 9) goto invalid_time; x; })
#define DD2bin(P) ({ unsigned x = dec2bin(P[0]) * 10 + dec2bin(P[1]); P += 2; x; })
@@ -512,6 +512,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen,
else
year += 2000;
max_sec = 59;
+ max_hour = 23;
} else if (tag == ASN1_GENTIM) {
/* GenTime: YYYYMMDDHHMMSSZ */
if (vlen != 15)
@@ -520,6 +521,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen,
if (year >= 1950 && year <= 2049)
goto invalid_time;
max_sec = 60; /* ISO 8601 permits leap seconds [X.680 46.3] */
+ max_hour = 24;
} else {
goto unsupported_time;
}
@@ -550,11 +552,17 @@ int x509_decode_time(time64_t *_t, size_t hdrlen,
}
if (day < 1 || day > mon_len ||
- hour > 23 ||
+ hour > max_hour ||
min > 59 ||
sec > max_sec)
goto invalid_time;
+ /* GeneralizedTime, encoded as ISO 8601, also permits 24:00 today as an
+ * alternative for 00:00 tomorrow.
+ */
+ if (hour == 24 && (min != 0 || sec != 0))
+ goto invalid_time;
+
*_t = mktime64(year, mon, day, hour, min, sec);
return 0;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists