Fix for bug 455556 . Fixed size buffers used with PR_FormatTime can be too small . r=wtc

4 files changed, 29 insertions, 18 deletions

diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
index 8755bbe1f..9b36e2564 100644
--- a/security/nss/cmd/lib/secutil.c
+++ b/security/nss/cmd/lib/secutil.c
@@ -1057,7 +1057,7 @@ secu_PrintTime(FILE *out, int64 time, char *m, int level)
     /* Convert to local time */
     PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
 
-    timeString = PORT_Alloc(100);
+    timeString = PORT_Alloc(256);
     if (timeString == NULL)
 	return;
 
@@ -1066,8 +1066,9 @@ secu_PrintTime(FILE *out, int64 time, char *m, int level)
 	fprintf(out, "%s: ", m);
     }
 
-    PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime);
-    fprintf(out, timeString);
+    if (PR_FormatTime(timeString, 256, "%a %b %d %H:%M:%S %Y", &printableTime)) {
+        fprintf(out, timeString);
+    }
 
     if (m != NULL)
 	fprintf(out, "\n");
diff --git a/security/nss/cmd/signver/pk7print.c b/security/nss/cmd/signver/pk7print.c
index 63564a7cf..60e0d07ec 100644
--- a/security/nss/cmd/signver/pk7print.c
+++ b/security/nss/cmd/signver/pk7print.c
@@ -119,11 +119,12 @@ sv_PrintTime(FILE *out, SECItem *t, char *m)
     /* Convert to local time */
     PR_ExplodeTime(time, PR_LocalTimeParameters, &printableTime);
 
-    timeString = (char *)PORT_Alloc(100);
+    timeString = (char *)PORT_Alloc(256);
 
     if ( timeString ) {
-        PR_FormatTime( timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime );
-        fprintf(out, "%s%s\n", m, timeString);
+        if (PR_FormatTime( timeString, 256, "%a %b %d %H:%M:%S %Y", &printableTime )) {
+            fprintf(out, "%s%s\n", m, timeString);
+        }
         PORT_Free(timeString);
         return 0;
     }
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
index 14b95abe3..187e0ab71 100644
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -205,14 +205,14 @@ static void
 ocsp_dumpStringWithTime(const char *str, int64 time)
 {
     PRExplodedTime timePrintable;
-    char timestr[100];
+    char timestr[256];
 
     if (!wantOcspTrace())
         return;
     PR_ExplodeTime(time, PR_GMTParameters, &timePrintable);
-    PR_FormatTime(timestr, 100, "%a %b %d %H:%M:%S %Y", 
-                  &timePrintable);
-    ocsp_Trace("OCSP %s %s\n", str, timestr);
+    if (PR_FormatTime(timestr, 256, "%a %b %d %H:%M:%S %Y", &timePrintable)) {
+        ocsp_Trace("OCSP %s %s\n", str, timestr);
+    }
 }
 
 static void
@@ -245,16 +245,18 @@ dumpCertificate(CERTCertificate *cert)
     {
         int64 timeBefore, timeAfter;
         PRExplodedTime beforePrintable, afterPrintable;
-        char beforestr[100], afterstr[100];
+        char beforestr[256], afterstr[256];
+        PRStatus rv1, rv2;
         DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore);
         DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter);
         PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
         PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
-        PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", 
+        rv1 = PR_FormatTime(beforestr, 256, "%a %b %d %H:%M:%S %Y", 
                       &beforePrintable);
-        PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", 
+        rv2 = PR_FormatTime(afterstr, 256, "%a %b %d %H:%M:%S %Y", 
                       &afterPrintable);
-        ocsp_Trace("OCSP ## VALIDITY:  %s to %s\n", beforestr, afterstr);
+        ocsp_Trace("OCSP ## VALIDITY:  %s to %s\n", rv1 ? beforestr : "",
+                   rv2 ? afterstr : "");
     }
     ocsp_Trace("OCSP ## ISSUER:  %s\n", cert->issuerName);
     printHexString("OCSP ## SERIAL NUMBER:", &cert->serialNumber);
diff --git a/security/nss/lib/util/sectime.c b/security/nss/lib/util/sectime.c
index 65cadccd6..cf4c526fb 100644
--- a/security/nss/lib/util/sectime.c
+++ b/security/nss/lib/util/sectime.c
@@ -96,10 +96,13 @@ CERT_UTCTime2FormattedAscii (int64 utcTime, char *format)
     /* Converse time to local time and decompose it into components */
     PR_ExplodeTime(utcTime, PR_LocalTimeParameters, &printableTime);
     
-    timeString = (char *)PORT_Alloc(100);
+    timeString = (char *)PORT_Alloc(256);
 
     if ( timeString ) {
-        PR_FormatTime( timeString, 100, format, &printableTime );
+        if ( ! PR_FormatTime( timeString, 256, format, &printableTime )) {
+            PORT_Free(timeString);
+            timeString = NULL;
+        }
     }
     
     return (timeString);
@@ -113,10 +116,14 @@ char *CERT_GenTime2FormattedAscii (int64 genTime, char *format)
     /* Decompose time into components */
     PR_ExplodeTime(genTime, PR_GMTParameters, &printableTime);
     
-    timeString = (char *)PORT_Alloc(100);
+    timeString = (char *)PORT_Alloc(256);
 
     if ( timeString ) {
-        PR_FormatTime( timeString, 100, format, &printableTime );
+        if ( ! PR_FormatTime( timeString, 256, format, &printableTime )) {
+            PORT_Free(timeString);
+            timeString = NULL;
+            PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+        }
     }
     
     return (timeString);