[3109] in Kerberos-V5-bugs
pending/750: Time glitches in krb5-1.0.6
daemon@ATHENA.MIT.EDU (Keith Thompson)
Tue Sep 14 02:28:09 1999
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: gnats-admin@rt-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, Keith Thompson <kst@SDSC.EDU>
Message-Id: <199909140627.XAA04020@elmak>
Date: Mon, 13 Sep 1999 23:27:45 -0700 (PDT)
From: Keith Thompson <kst@SDSC.EDU>
To: krb5-bugs@MIT.EDU
Cc: kst@SDSC.EDU (Keith Thompson)
>Number: 750
>Category: pending
>Synopsis: Time glitches in krb5-1.0.6
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: gnats-admin
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Sep 14 02:28:00 EDT 1999
>Last-Modified:
>Originator:
>Organization:
>Release:
>Environment:
>Description:
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
I would have used krb5-send-pr, as suggested in the README, but it
doesn't appear to have been built by "make".
In src/lib/krb5/os/gmt_mktime.c:
assert_time(t->tm_year>=70);
assert_time(t->tm_year<=138);
Hmm. I'm not sure that last check is really necessary. It's obviously
intended to fail after 2038, which is when a 32-bit signed time_t based
on 1970 overflows. If properly written, though, the code should be
able to handle a 64-bit time_t; there should be no need for this check.
(There's probably a Y2100 bug in the leap year accumulation code.)
It might be considered as a check that the C library behaves sanely,
but I've never seen or heard of one that doesn't handle tm_year
correctly.
Remember, 2038 is only as far in the future now as Y2K was in 1961.
========================================================================
Also in src/lib/krb5/os/gmt_mktime.c:
assert_time(t->tm_sec>=0);
assert_time(t->tm_sec<=62);
In fact, the C standard guarantees tm_sec <= 61, and C9X guarantees
tm_sec <= 60. (The C89 allowance for tm_sec == 61 resulted from a
misunderstanding -- in fact, there can't be 2 leap seconds in a single
minute.) The above code incorrectly allows up to *3* leap seconds.
========================================================================
In src/lib/krb5/asn.1/asn1_encode.c :
if (gtime == NULL ||
gtime->tm_year > 9999 || gtime->tm_mon > 11 ||
gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
gtime->tm_min > 59 || gtime->tm_sec > 59)
return ASN1_BAD_GMTIME;
This doesn't allow for *any* leap seconds. (I'll ignore the Y11900
error. 8-)})
--
Keith Thompson, San Diego Supercomputer Center kst@sdsc.edu
<http://www.sdsc.edu/~kst/> Office: 858-822-0853 Fax: 858-534-5077
"Oh my gosh! You are SO ahead of your time!" -- anon.
