From 8b2e5fdada305606b627317c6df79931903fef23 Mon Sep 17 00:00:00 2001 From: blogic Date: Thu, 4 Jul 2013 13:31:32 +0000 Subject: [PATCH] px5g: creates certificates that expire in the past the attached patch fixes a bug of px5g when instructed to build certificates that expire after 2038-01-19, caused a multiplication that may overflow the "to" variable of type time_t Attached patch checks if "to" precedes "from": if so sets "to" to its maximum value. Pretty rude, but works well even if certificate is set to expire in a century Signed-off-by: Federico Fissore Patchork: http://patchwork.openwrt.org/patch/3749/ git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37165 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/utils/px5g/src/px5g.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/package/utils/px5g/src/px5g.c b/package/utils/px5g/src/px5g.c index 2b3e78585c..cf50ad28e2 100644 --- a/package/utils/px5g/src/px5g.c +++ b/package/utils/px5g/src/px5g.c @@ -22,6 +22,7 @@ #include #include #include +#include #include "polarssl/havege.h" #include "polarssl/bignum.h" #include "polarssl/x509.h" @@ -157,6 +158,8 @@ int selfsigned(char **arg) { from = (from < 1000000000) ? 1000000000 : from; strftime(fstr, sizeof(fstr), "%F %H:%M:%S", gmtime(&from)); to = from + 60 * 60 * 24 * days; + if (to < from) + to = INT_MAX; strftime(tstr, sizeof(tstr), "%F %H:%M:%S", gmtime(&to)); x509_raw cert; -- 2.11.0