security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-05-17 08:43:24 +02:00
Code Activity

g10: Avoid accessing invalid expiration dates.

Browse Source 
* g10/sig-check.c (check_signature_metadata_validity): Avoid accessing
invalid expiration dates.

Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
Justus Winter 2017-01-02 18:16:47 +01:00
parent 65c8002b70
commit 01406840c1
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
g10/sig-check.c
View File

@ -324,7 +324,14 @@ check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig,
flag which is set after a full evaluation of the key (getkey.c) flag which is set after a full evaluation of the key (getkey.c)
as well as a simple compare to the current time in case the as well as a simple compare to the current time in case the
merge has for whatever reasons not been done. */ merge has for whatever reasons not been done. */
if( pk->has_expired || (kb_pk_expiredate (pk) && kb_pk_expiredate (pk) < cur_time)) { if( pk->has_expired || (/* Computing EXPIREDATE requires calling
this function. To break this circular
dependency, we only check the
expiration if this information is
already known (i.e. valid): */
kb_pk_valid_expiredate (pk)
&& kb_pk_expiredate (pk)
&& kb_pk_expiredate (pk) < cur_time)) {
char buf[11]; char buf[11];
if (opt.verbose) if (opt.verbose)
log_info(_("Note: signature key %s expired %s\n"), log_info(_("Note: signature key %s expired %s\n"),