Page MenuHomeFreeBSD
Differential D37252

ssh: correct parse_cert_times case for hex "to" time
ClosedPublic
Actions

Authored by emaste on Nov 3 2022, 1:48 PM.
Tags
None
Referenced Files
F137512111: D37252.id.diff
Mon, Nov 24, 2:24 AM
F137511751: D37252.diff
Mon, Nov 24, 2:20 AM
Unknown Object (File)
Thu, Nov 20, 8:33 AM
Unknown Object (File)
Sun, Nov 9, 11:43 PM
Unknown Object (File)
Sun, Nov 2, 11:20 PM
Unknown Object (File)
Sun, Oct 26, 7:21 PM
Unknown Object (File)
Oct 18 2025, 5:00 AM
Unknown Object (File)
Oct 9 2025, 4:59 PM
View All 85 Files
Subscribers
imp

Details

Reviewers
des
bdrewery
markj
Commits
rG495850ff5ad3: ssh: correct parse_cert_times case for hex "to" time
rGa841c0c240b7: ssh: correct parse_cert_times case for hex "to" time
rG4718d86b3b1a: ssh: correct parse_cert_times case for hex "to" time
rG0657b2325df3: ssh: correct parse_cert_times case for hex "to" time
Summary

This appeared to be a copy-paste error from the "from" time case above.

Test Plan
Reported by:    Coverity Scan
CID:            1500407
Sponsored by:   The FreeBSD Foundation

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste requested review of this revision.Nov 3 2022, 1:48 PM
emaste created this revision.
emaste added a comment.Nov 3 2022, 2:02 PM

Coverity's report:

 *** CID 1500407:  Incorrect expression  (COPY_PASTE_ERROR)
/crypto/openssh/ssh-keygen.c: 1978 in parse_cert_times()
1972                    fatal("Invalid from time \"%s\"", from);
1973     
1974            if (*to == '-' || *to == '+')
1975                    cert_valid_to = parse_relative_time(to, now);
1976            else if (strcmp(to, "forever") == 0)
1977                    cert_valid_to = ~(u_int64_t)0;
>>>     CID 1500407:  Incorrect expression  (COPY_PASTE_ERROR)
>>>     "from" in "strncmp(from, "0x", 2UL)" looks like a copy-paste error.
1978            else if (strncmp(from, "0x", 2) == 0)
1979                    parse_hex_u64(to, &cert_valid_to);
1980            else if (parse_absolute_time(to, &cert_valid_to) != 0)
1981                    fatal("Invalid to time \"%s\"", to);
1982     
1983            if (cert_valid_to <= cert_valid_from)
markj accepted this revision.Nov 3 2022, 2:09 PM
This revision is now accepted and ready to land.Nov 3 2022, 2:09 PM
Closed by commit rG0657b2325df3: ssh: correct parse_cert_times case for hex "to" time (authored by emaste). · Explain WhyNov 3 2022, 2:14 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG0657b2325df3: ssh: correct parse_cert_times case for hex "to" time.
Herald added a subscriber: imp. · View Herald TranscriptNov 3 2022, 2:14 PM
emaste added a comment.Nov 3 2022, 2:31 PM

For reference, issue was introduced in OpenSSH-portable ec1ddb72a146fd66d18df9cd423517453a5d8044, which references OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13

emaste added a commit: rG4718d86b3b1a: ssh: correct parse_cert_times case for hex "to" time.Nov 6 2022, 2:20 PM
emaste added a commit: rGa841c0c240b7: ssh: correct parse_cert_times case for hex "to" time.
emaste added a commit: rG495850ff5ad3: ssh: correct parse_cert_times case for hex "to" time.Nov 6 2022, 2:23 PM

Revision Contents
Changeset List

PathSize
crypto/
openssh/
2 lines

Diff 112560

View Options

crypto/openssh/ssh-keygen.c

Loading...