lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 18 Dec 2015 00:02:24 +0000 From: David Howells <dhowells@...hat.com> To: keyrings@...r.kernel.org Cc: David Woodhouse <David.Woodhouse@...el.com>, Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org, stable@...r.kernel.org, dhowells@...hat.com, linux-security-module@...r.kernel.org, Rudolf Polzer <rpolzer@...gle.com>, John Stultz <john.stultz@...aro.org> Subject: [PATCH 5/5] X.509: Handle midnight alternative notation in GeneralizedTime The ASN.1 GeneralizedTime object carries an ISO8601 format date and time. The time is permitted to show midnight as 00:00 or 24:00 (the latter being equivalent of 00:00 of the following day). The permitted value is checked in x509_decode_time() but the actual handling is left to mktime64(). Without this patch, certain X.509 certificates will be rejected and could lead to an unbootable kernel. Reported-by: Rudolf Polzer <rpolzer@...gle.com> Signed-off-by: David Howells <dhowells@...hat.com> cc: David Woodhouse <David.Woodhouse@...el.com> cc: John Stultz <john.stultz@...aro.org> cc: Arnd Bergmann <arnd@...db.de> cc: stable@...r.kernel.org --- crypto/asymmetric_keys/x509_cert_parser.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 9be2caebc57b..b9de251c419c 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -497,7 +497,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen, static const unsigned char month_lengths[] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }; const unsigned char *p = value; - unsigned year, mon, day, hour, min, sec, mon_len, max_sec; + unsigned year, mon, day, hour, min, sec, mon_len, max_sec, max_hour; #define dec2bin(X) ({ unsigned char x = (X) - '0'; if (x > 9) goto invalid_time; x; }) #define DD2bin(P) ({ unsigned x = dec2bin(P[0]) * 10 + dec2bin(P[1]); P += 2; x; }) @@ -512,6 +512,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen, else year += 2000; max_sec = 59; + max_hour = 23; } else if (tag == ASN1_GENTIM) { /* GenTime: YYYYMMDDHHMMSSZ */ if (vlen != 15) @@ -520,6 +521,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen, if (year >= 1950 && year <= 2049) goto invalid_time; max_sec = 60; /* ISO 8601 permits leap seconds [X.680 46.3] */ + max_hour = 24; } else { goto unsupported_time; } @@ -550,11 +552,17 @@ int x509_decode_time(time64_t *_t, size_t hdrlen, } if (day < 1 || day > mon_len || - hour > 23 || + hour > max_hour || min > 59 || sec > max_sec) goto invalid_time; + /* GeneralizedTime, encoded as ISO 8601, also permits 24:00 today as an + * alternative for 00:00 tomorrow. + */ + if (hour == 24 && (min != 0 || sec != 0)) + goto invalid_time; + *_t = mktime64(year, mon, day, hour, min, sec); return 0; -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists