[svn] GnuPG - r4811 - in trunk: doc g10

svn author wk cvs at cvs.gnupg.org
Mon Aug 11 10:08:10 CEST 2008 

Author: wk
Date: 2008-08-11 10:08:08 +0200 (Mon, 11 Aug 2008)
New Revision: 4811

Modified:
   trunk/doc/DETAILS
   trunk/g10/keygen.c
Log:
Cehck for expire date overflows.


Modified: trunk/doc/DETAILS
===================================================================
--- trunk/doc/DETAILS	2008-08-11 07:42:25 UTC (rev 4810)
+++ trunk/doc/DETAILS	2008-08-11 08:08:08 UTC (rev 4811)
@@ -839,10 +839,16 @@
 	The 3 parts of a key. Remember to use UTF-8 here.
 	If you don't give any of them, no user ID is created.
      Expire-Date: <iso-date>|(<number>[d|w|m|y])
-	Set the expiration date for the key (and the subkey).  It
-	may either be entered in ISO date format (2000-08-15) or as
-	number of days, weeks, month or years. Without a letter days
-	are assumed.
+	Set the expiration date for the key (and the subkey).  It may
+	either be entered in ISO date format (2000-08-15) or as number
+	of days, weeks, month or years.  The special notation
+	"seconds=N" is also allowed to directly give an Epoch
+	value. Without a letter days are assumed.  Note that there is
+	no check done on the overflow of the type used by OpenPGP for
+	timestamps.  Thus you better make sure that the given value
+	make sense.  Although OpenPGP works with time intervals, GnuPG
+	uses an absolute value internally and thus the last year we
+	can represent is 2105.
      Creation-Date: <iso-date>
         Set the creation date of the key as stored in the key
         information and which is also part of the fingerprint

Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c	2008-08-11 07:42:25 UTC (rev 4810)
+++ trunk/g10/keygen.c	2008-08-11 08:08:08 UTC (rev 4811)
@@ -1789,21 +1789,23 @@
 u32
 parse_expire_string( const char *string )
 {
-    int mult;
-    u32 seconds,abs_date=0,curtime = make_timestamp();
-
-    if( !*string )
-      seconds = 0;
-    else if ( !strncmp (string, "seconds=", 8) )
-      seconds = atoi (string+8);
-    else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime )
-      seconds = abs_date - curtime;
-    else if( (mult=check_valid_days(string)) )
-      seconds = atoi(string) * 86400L * mult;
-    else
-      seconds=(u32)-1;
-
-    return seconds;
+  int mult;
+  u32 seconds;
+  u32 abs_date = 0;
+  u32 curtime = make_timestamp ();
+  
+  if (!*string)
+    seconds = 0;
+  else if (!strncmp (string, "seconds=", 8))
+    seconds = atoi (string+8);
+  else if ((abs_date = scan_isodatestr(string)) && abs_date > curtime)
+    seconds = abs_date - curtime;
+  else if ((mult = check_valid_days (string)))
+    seconds = atoi (string) * 86400L * mult;
+  else
+    seconds = (u32)(-1);
+  
+  return seconds;
 }
 
 /* Parsean Creation-Date string which is either "1986-04-26" or
@@ -1916,7 +1918,13 @@
 	      tty_printf (_("Your system can't display dates beyond 2038.\n"
                             "However, it will be correctly handled up to"
                             " 2106.\n"));
+            else
 #endif /*SIZEOF_TIME_T*/
+              if ( (time_t)((unsigned long)(curtime+interval)) < curtime )
+                {
+                  tty_printf (_("invalid value\n"));
+                  continue;
+                }
 	  }
 
 	if( cpr_enabled() || cpr_get_answer_is_yes("keygen.valid.okay",

More information about the Gnupg-commits mailing list