Page MenuHomeFreeBSD

ssh: correct parse_cert_times case for hex "to" time
ClosedPublic

Authored by emaste on Nov 3 2022, 1:48 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Oct 18, 5:11 AM
Unknown Object (File)
Oct 1 2024, 5:12 AM
Unknown Object (File)
Sep 21 2024, 1:39 PM
Unknown Object (File)
Sep 21 2024, 1:39 PM
Unknown Object (File)
Sep 21 2024, 1:39 PM
Unknown Object (File)
Sep 21 2024, 1:29 PM
Unknown Object (File)
Sep 19 2024, 5:29 AM
Unknown Object (File)
Sep 16 2024, 12:42 PM
Subscribers

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste requested review of this revision.Nov 3 2022, 1:48 PM
emaste created this revision.

Coverity's report:

 *** CID 1500407:  Incorrect expression  (COPY_PASTE_ERROR)
/crypto/openssh/ssh-keygen.c: 1978 in parse_cert_times()
1972                    fatal("Invalid from time \"%s\"", from);
1973     
1974            if (*to == '-' || *to == '+')
1975                    cert_valid_to = parse_relative_time(to, now);
1976            else if (strcmp(to, "forever") == 0)
1977                    cert_valid_to = ~(u_int64_t)0;
>>>     CID 1500407:  Incorrect expression  (COPY_PASTE_ERROR)
>>>     "from" in "strncmp(from, "0x", 2UL)" looks like a copy-paste error.
1978            else if (strncmp(from, "0x", 2) == 0)
1979                    parse_hex_u64(to, &cert_valid_to);
1980            else if (parse_absolute_time(to, &cert_valid_to) != 0)
1981                    fatal("Invalid to time \"%s\"", to);
1982     
1983            if (cert_valid_to <= cert_valid_from)
This revision is now accepted and ready to land.Nov 3 2022, 2:09 PM

For reference, issue was introduced in OpenSSH-portable ec1ddb72a146fd66d18df9cd423517453a5d8044, which references OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13