[4422] in Kerberos
bug in gmt_mktime.c
daemon@ATHENA.MIT.EDU (David Parter)
Tue Jan 3 01:11:22 1995
To: krb5-bugs@MIT.EDU, kerberos@MIT.EDU
Date: Mon, 02 Jan 1995 23:59:43 -0600
From: David Parter <dparter@cs.wisc.edu>
In krb5 beta 4 pl 3, src/lib/krb5/os/gmt_mktime.c, the addition of
leap days for past leap years if wrong.
the code reads:
accum = t->tm_year - 70;
accum *= 365; /* 365 days/normal year */
/* add in leap day for all previous years */
accum += (t->tm_year - 68) / 4;
/* add in leap day for this year */
if(t->tm_mon >= 2) /* march or later */
if(hasleapday(t->tm_year)) accum += 1;
As far as I can tell, the line:
accum += (t->tm_year - 68) / 4;
erroneously includes tm_year in the count of "previous" years,
which adds an extra day if tm_year is divisible by 4. the code
two lines later correctly takes care of tm_year.
The line should be
accum += ((t->tm_year - 1) - 69) / 4;
which is the same as:
accum += (t->tm_year - 69) / 4;
(In case you are wondering about the magic numbers 70, and 68
the code, it is because the time that is being returned is
seconds since the unix epoch (00:00:00 GMT, Jan. 1, 1970).
I discovered this with kinit, requesting a ticket renewable for 1
year. It worked last week, and didn't work today, since next year
(96) is a leap year. krb5kdc returned a ticket renewable for 1 more day than
requested, which krb5_get_in_tkt() rejected.
--david
--------
david parter dparter@cs.wisc.edu
university of wisconsin -- madison voice: 608-262-0608/262-2389
computer sciences department fax: 608-262-6626
postmaster, hostmaster, xunet/blanca, mentor, www, gopher, ftp,
compilers, security, software planning, training ...
