Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
DISCONTINUED:openSUSE:11.1:Update
strongswan
strongswan-4.2.8_asn1_time.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File strongswan-4.2.8_asn1_time.patch of Package strongswan
diff -urN strongswan-4.2.8/src/libstrongswan/asn1/asn1.c strongswan-4.2.8_asn1_time/src/libstrongswan/asn1/asn1.c --- strongswan-4.2.8/src/libstrongswan/asn1/asn1.c 2008-09-17 23:10:35.000000000 +0200 +++ strongswan-4.2.8_asn1_time/src/libstrongswan/asn1/asn1.c 2009-06-24 18:19:20.000000000 +0200 @@ -281,14 +281,20 @@ { int tz_hour, tz_min; - sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min); + if (sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min) != 2) + { + return 0; /* error in positive timezone offset format */ + } tz_offset = 3600*tz_hour + 60*tz_min; /* positive time zone offset */ } else if ((eot = memchr(utctime->ptr, '-', utctime->len)) != NULL) { int tz_hour, tz_min; - sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min); + if (sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min) != 2) + { + return 0; /* error in negative timezone offset format */ + } tz_offset = -3600*tz_hour - 60*tz_min; /* negative time zone offset */ } else @@ -297,17 +303,23 @@ } { - const char* format = (type == ASN1_UTCTIME)? "%2d%2d%2d%2d%2d": + const char* format = (type == ASN1_UTCTIME)? "%2d%2d%2d%2d%2d": "%4d%2d%2d%2d%2d"; - sscanf(utctime->ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday, - &t.tm_hour, &t.tm_min); + if (sscanf(utctime->ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday, + &t.tm_hour, &t.tm_min) != 5) + { + return 0; /* error in time st [yy]yymmddhhmm time format */ + } } /* is there a seconds field? */ if ((eot - utctime->ptr) == ((type == ASN1_UTCTIME)?12:14)) { - sscanf(eot-2, "%2d", &t.tm_sec); + if (sscanf(eot-2, "%2d", &t.tm_sec) != 1) + { + return 0; /* error in ss seconds field format */ + } } else { diff -urN strongswan-4.2.8/src/pluto/asn1.c strongswan-4.2.8_asn1_time/src/pluto/asn1.c --- strongswan-4.2.8/src/pluto/asn1.c 2008-09-17 23:10:41.000000000 +0200 +++ strongswan-4.2.8_asn1_time/src/pluto/asn1.c 2009-06-24 18:19:20.000000000 +0200 @@ -364,14 +364,20 @@ { int tz_hour, tz_min; - sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min); + if (sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min) != 2) + { + return 0; /* error in positive timezone offset format */ + } tz_offset = 3600*tz_hour + 60*tz_min; /* positive time zone offset */ } else if ((eot = memchr(utctime->ptr, '-', utctime->len)) != NULL) { int tz_hour, tz_min; - sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min); + if (sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min) != 2) + { + return 0; /* error in negative timezone offset format */ + } tz_offset = -3600*tz_hour - 60*tz_min; /* negative time zone offset */ } else @@ -383,14 +389,20 @@ const char* format = (type == ASN1_UTCTIME)? "%2d%2d%2d%2d%2d": "%4d%2d%2d%2d%2d"; - sscanf(utctime->ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday, - &t.tm_hour, &t.tm_min); - } + if (sscanf(utctime->ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday, + &t.tm_hour, &t.tm_min) != 5) + { + return 0; /* error in time st [yy]yymmddhhmm time format */ + } + } /* is there a seconds field? */ if ((eot - utctime->ptr) == ((type == ASN1_UTCTIME)?12:14)) { - sscanf(eot-2, "%2d", &t.tm_sec); + if (sscanf(eot-2, "%2d", &t.tm_sec) != 1) + { + return 0; /* error in ss seconds field format */ + } } else {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
