Fix bug #947 (expire time overflow)

2025-07-02 22:46:30 +02:00 · 2008-08-11 08:19:48 +00:00 · 2008-08-11 08:19:48 +00:00 · 64a47d54c4
commit 64a47d54c4
parent 99fb609e0a
4 changed files with 34 additions and 6 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,8 @@
+2008-08-11  Werner Koch  <wk@g10code.com>
+
+	* keygen.c (ask_expire_interval): Check for time overflow of an
+	u32.  Fixes bug #947.  Use SIZEOF_TIME_T for the 2039--2106 check.
+
 2008-08-01  Werner Koch  <wk@g10code.com>

 	* tdbio.c (open_db) [!EROFS]: Move closing parens out of the
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -1697,12 +1697,18 @@ ask_expire_interval(u32 timestamp,int object,const char *def_expire)
 		       ? _("Key expires at %s\n")
 		       : _("Signature expires at %s\n"),
 		       asctimestamp((ulong)(timestamp + interval) ) );
-	    /* FIXME: This check yields warning on alhas: Write a
-	       configure check and to this check here only for 32 bit
-	       machines */
-	    if( (time_t)((ulong)(timestamp+interval)) < 0 )
-	      tty_printf(_("Your system can't display dates beyond 2038.\n"
-			   "However, it will be correctly handled up to 2106.\n"));
+#if SIZEOF_TIME_T <= 4
+	    if ((time_t)((ulong)(timestamp+interval)) < 0 )
+	      tty_printf (_("Your system can't display dates beyond 2038.\n"
+                            "However, it will be correctly handled up to"
+                            " 2106.\n"));
+            else
+#endif /*SIZEOF_TIME_T*/
+              if ( (time_t)((unsigned long)(timestamp+interval)) < timestamp )
+                {
+                  tty_printf (_("invalid value\n"));
+                  continue;
+                }
 	  }

 	if( cpr_enabled() || cpr_get_answer_is_yes("keygen.valid.okay",