From 1ae8d3c3b9bc590eb717f516d63c3c4ba6f62810 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 19 Oct 2006 16:19:32 +0000 Subject: [PATCH] make more strict git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18607 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/asn1/timegm.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/lib/asn1/timegm.c b/lib/asn1/timegm.c index 388718cbb..de915c729 100644 --- a/lib/asn1/timegm.c +++ b/lib/asn1/timegm.c @@ -35,8 +35,6 @@ RCSID("$Id$"); -#ifndef HAVE_TIMEGM - static int is_leap(unsigned y) { @@ -44,6 +42,12 @@ is_leap(unsigned y) return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0); } +/* + * This is a simplifed version of _der_timegm that doesn't accept out + * of bound values that timegm(3) normally accepts but those are not + * valid in asn1 encodings. + */ + time_t _der_timegm (struct tm *tm) { @@ -53,10 +57,18 @@ _der_timegm (struct tm *tm) time_t res = 0; unsigned i; - /* XXX this is wrong, needs to handle out of range - * months, days, hours, min, sec */ + if (tm->tm_year < 0) + return -1; if (tm->tm_mon < 0 || tm->tm_mon > 11) return -1; + if (tm->tm_mday < 1 || tm->tm_mday > ndays[is_leap(tm->tm_year)][tm->tm_mon]) + return -1; + if (tm->tm_hour < 0 || tm->tm_hour > 23) + return -1; + if (tm->tm_min < 0 || tm->tm_min > 59) + return -1; + if (tm->tm_sec < 0 || tm->tm_sec > 59) + return -1; for (i = 70; i < tm->tm_year; ++i) res += is_leap(i) ? 366 : 365; @@ -72,5 +84,3 @@ _der_timegm (struct tm *tm) res += tm->tm_sec; return res; } - -#endif /* HAVE_TIMEGM */