krb5 commit: Fix minor race in kadmin time interval parsing
Greg Hudson
ghudson at mit.edu
Mon Apr 25 21:10:16 EDT 2016
https://github.com/krb5/krb5/commit/cf6e4cae6e43f06cb1d173576d155952440db2fc
commit cf6e4cae6e43f06cb1d173576d155952440db2fc
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Apr 22 15:23:04 2016 -0400
Fix minor race in kadmin time interval parsing
When parsing kadmin time intervals using getdate.y relative time
formats, make sure the same timestamp is added to and substracted from
the relative value. To accomplish this, rename get_date() to
get_date_rel() with a second parameter for the current time, and make
get_date() a wrapper with the current signature for the benefit of
kdb5_util and kdb5_ldap_util.
ticket: 8393
src/kadmin/cli/getdate.y | 12 ++++++++++--
src/kadmin/cli/kadmin.c | 10 +++++-----
src/kadmin/cli/kadmin.h | 2 +-
3 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/src/kadmin/cli/getdate.y b/src/kadmin/cli/getdate.y
index fc0a403..4f0c56f 100644
--- a/src/kadmin/cli/getdate.y
+++ b/src/kadmin/cli/getdate.y
@@ -863,10 +863,11 @@ difftm(struct tm *a, struct tm *b)
#include <krb5.h>
int yyparse(void);
+time_t get_date_rel(char *, time_t);
time_t get_date(char *);
time_t
-get_date(char *p)
+get_date_rel(char *p, time_t nowtime)
{
struct my_timeb *now = NULL;
struct tm *tm, gmt;
@@ -880,7 +881,7 @@ get_date(char *p)
if (now == NULL) {
now = &ftz;
- ftz.time = time((time_t *) 0);
+ ftz.time = nowtime;
if (! (tm = gmtime (&ftz.time)))
return -1;
@@ -1017,6 +1018,13 @@ get_date(char *p)
}
+time_t
+get_date(char *p)
+{
+ return get_date_rel(p, time(NULL));
+}
+
+
#if defined(TEST)
/* ARGSUSED */
diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c
index d791cee..62786b1 100644
--- a/src/kadmin/cli/kadmin.c
+++ b/src/kadmin/cli/kadmin.c
@@ -154,11 +154,11 @@ strdate(krb5_timestamp when)
/* Parse a date string using getdate.y. On failure, output an error message
* and return (time_t)-1. */
static time_t
-parse_date(char *str)
+parse_date(char *str, time_t now)
{
time_t date;
- date = get_date(str);
+ date = get_date_rel(str, now);
if (date == (time_t)-1)
error(_("Invalid date specification \"%s\".\n"), str);
return date;
@@ -178,7 +178,7 @@ parse_interval(char *str, time_t now)
if (krb5_string_to_deltat(str, &delta) == 0)
return delta;
- date = parse_date(str);
+ date = parse_date(str, now);
if (date == (time_t)-1)
return date;
@@ -1020,7 +1020,7 @@ kadmin_parse_princ_args(int argc, char *argv[], kadm5_principal_ent_t oprinc,
if (!strcmp("-expire", argv[i])) {
if (++i > argc - 2)
return -1;
- date = parse_date(argv[i]);
+ date = parse_date(argv[i], now);
if (date == (time_t)-1)
return -1;
oprinc->princ_expire_time = date;
@@ -1030,7 +1030,7 @@ kadmin_parse_princ_args(int argc, char *argv[], kadm5_principal_ent_t oprinc,
if (!strcmp("-pwexpire", argv[i])) {
if (++i > argc - 2)
return -1;
- date = parse_date(argv[i]);
+ date = parse_date(argv[i], now);
if (date == (time_t)-1)
return -1;
oprinc->pw_expiration = date;
diff --git a/src/kadmin/cli/kadmin.h b/src/kadmin/cli/kadmin.h
index 72bda93..54a4818 100644
--- a/src/kadmin/cli/kadmin.h
+++ b/src/kadmin/cli/kadmin.h
@@ -78,7 +78,7 @@ randkey_princ(void *lhandle, krb5_principal princ, krb5_boolean keepold,
#endif
#endif
-extern time_t get_date(char *);
+extern time_t get_date_rel(char *, time_t);
/* Yucky global variables */
extern krb5_context context;
More information about the cvs-krb5
mailing list