[openssl.org #1097] Bug Report

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[openssl.org #1097] Bug Report

Rich Salz via RT

Hi,

I just applied and committed the proposed change.  Thanks!

Ticket resolved.

[[hidden email] - Sat Jun  4 19:24:48 2005]:

> In function X509_cmp_time file X509_vfy.c
>
> Existing code for handling offset on validity time:
>
> if (*str == 'Z')
> offset=0;
> else
> {
> printf("*str != Z is %c\n",*str);
> if ((*str != '+') && (str[5] != '-'))
> return 0;
> offset=((str[1]-'0')*10+(str[2]-'0'))*60;
> offset+=(str[3]-'0')*10+(str[4]-'0');
> if (*str == '-')
> offset= -offset;
> }
>
> Should be:
>
> if (*str == 'Z')
> offset=0;
> else
> {
> printf("*str != Z is %c\n",*str);
> if ((*str != '+') && (*str != '-'))
> return 0;
> offset=((str[1]-'0')*10+(str[2]-'0'))*60;
> offset+=(str[3]-'0')*10+(str[4]-'0');
> if (*str == '-')
> offset= -offset;
> }
>
> The existing code will accept
>
> "050603014800+1800", but not "050603014800-0600"  
>
> > Jim Heit
> > Enterprise Server Communications Engineering
> > UNISYS Central Development Laboratory
> > Roseville, MN USA
> > +1(651)635-3169  Net2 524-3169
> > Fax +1(651)635-5260 Net2 524-5260
> >                 Reply to: [hidden email]
> >
>  
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE
PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-
mail
> and its attachments from all computers.
>  
>
>


--
Richard Levitte
[hidden email]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]