diff options
author | julien.pierre.boogz%sun.com <devnull@localhost> | 2008-10-06 23:37:56 +0000 |
---|---|---|
committer | julien.pierre.boogz%sun.com <devnull@localhost> | 2008-10-06 23:37:56 +0000 |
commit | 72a7a47e46f3ef841f72d0f61e90e93edd4eaf76 (patch) | |
tree | bafab02bfba49b331cbc68bd7e901e959f84b41e | |
parent | 2f205679011009cea5b66bec8fdee752b97f254e (diff) | |
download | nss-hg-72a7a47e46f3ef841f72d0f61e90e93edd4eaf76.tar.gz |
Fix for bug 455556 . Fixed size buffers used with PR_FormatTime can be too small . r=wtc
-rw-r--r-- | security/nss/cmd/lib/secutil.c | 7 | ||||
-rw-r--r-- | security/nss/cmd/signver/pk7print.c | 7 | ||||
-rw-r--r-- | security/nss/lib/certhigh/ocsp.c | 18 | ||||
-rw-r--r-- | security/nss/lib/util/sectime.c | 15 |
4 files changed, 29 insertions, 18 deletions
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c index 8755bbe1f..9b36e2564 100644 --- a/security/nss/cmd/lib/secutil.c +++ b/security/nss/cmd/lib/secutil.c @@ -1057,7 +1057,7 @@ secu_PrintTime(FILE *out, int64 time, char *m, int level) /* Convert to local time */ PR_ExplodeTime(time, PR_GMTParameters, &printableTime); - timeString = PORT_Alloc(100); + timeString = PORT_Alloc(256); if (timeString == NULL) return; @@ -1066,8 +1066,9 @@ secu_PrintTime(FILE *out, int64 time, char *m, int level) fprintf(out, "%s: ", m); } - PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime); - fprintf(out, timeString); + if (PR_FormatTime(timeString, 256, "%a %b %d %H:%M:%S %Y", &printableTime)) { + fprintf(out, timeString); + } if (m != NULL) fprintf(out, "\n"); diff --git a/security/nss/cmd/signver/pk7print.c b/security/nss/cmd/signver/pk7print.c index 63564a7cf..60e0d07ec 100644 --- a/security/nss/cmd/signver/pk7print.c +++ b/security/nss/cmd/signver/pk7print.c @@ -119,11 +119,12 @@ sv_PrintTime(FILE *out, SECItem *t, char *m) /* Convert to local time */ PR_ExplodeTime(time, PR_LocalTimeParameters, &printableTime); - timeString = (char *)PORT_Alloc(100); + timeString = (char *)PORT_Alloc(256); if ( timeString ) { - PR_FormatTime( timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime ); - fprintf(out, "%s%s\n", m, timeString); + if (PR_FormatTime( timeString, 256, "%a %b %d %H:%M:%S %Y", &printableTime )) { + fprintf(out, "%s%s\n", m, timeString); + } PORT_Free(timeString); return 0; } diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index 14b95abe3..187e0ab71 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -205,14 +205,14 @@ static void ocsp_dumpStringWithTime(const char *str, int64 time) { PRExplodedTime timePrintable; - char timestr[100]; + char timestr[256]; if (!wantOcspTrace()) return; PR_ExplodeTime(time, PR_GMTParameters, &timePrintable); - PR_FormatTime(timestr, 100, "%a %b %d %H:%M:%S %Y", - &timePrintable); - ocsp_Trace("OCSP %s %s\n", str, timestr); + if (PR_FormatTime(timestr, 256, "%a %b %d %H:%M:%S %Y", &timePrintable)) { + ocsp_Trace("OCSP %s %s\n", str, timestr); + } } static void @@ -245,16 +245,18 @@ dumpCertificate(CERTCertificate *cert) { int64 timeBefore, timeAfter; PRExplodedTime beforePrintable, afterPrintable; - char beforestr[100], afterstr[100]; + char beforestr[256], afterstr[256]; + PRStatus rv1, rv2; DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore); DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter); PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable); PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable); - PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", + rv1 = PR_FormatTime(beforestr, 256, "%a %b %d %H:%M:%S %Y", &beforePrintable); - PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", + rv2 = PR_FormatTime(afterstr, 256, "%a %b %d %H:%M:%S %Y", &afterPrintable); - ocsp_Trace("OCSP ## VALIDITY: %s to %s\n", beforestr, afterstr); + ocsp_Trace("OCSP ## VALIDITY: %s to %s\n", rv1 ? beforestr : "", + rv2 ? afterstr : ""); } ocsp_Trace("OCSP ## ISSUER: %s\n", cert->issuerName); printHexString("OCSP ## SERIAL NUMBER:", &cert->serialNumber); diff --git a/security/nss/lib/util/sectime.c b/security/nss/lib/util/sectime.c index 65cadccd6..cf4c526fb 100644 --- a/security/nss/lib/util/sectime.c +++ b/security/nss/lib/util/sectime.c @@ -96,10 +96,13 @@ CERT_UTCTime2FormattedAscii (int64 utcTime, char *format) /* Converse time to local time and decompose it into components */ PR_ExplodeTime(utcTime, PR_LocalTimeParameters, &printableTime); - timeString = (char *)PORT_Alloc(100); + timeString = (char *)PORT_Alloc(256); if ( timeString ) { - PR_FormatTime( timeString, 100, format, &printableTime ); + if ( ! PR_FormatTime( timeString, 256, format, &printableTime )) { + PORT_Free(timeString); + timeString = NULL; + } } return (timeString); @@ -113,10 +116,14 @@ char *CERT_GenTime2FormattedAscii (int64 genTime, char *format) /* Decompose time into components */ PR_ExplodeTime(genTime, PR_GMTParameters, &printableTime); - timeString = (char *)PORT_Alloc(100); + timeString = (char *)PORT_Alloc(256); if ( timeString ) { - PR_FormatTime( timeString, 100, format, &printableTime ); + if ( ! PR_FormatTime( timeString, 256, format, &printableTime )) { + PORT_Free(timeString); + timeString = NULL; + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + } } return (timeString); |