forked from quic-go/quic-go
prevent int64 overflow when reading the expiry date of the server config
This commit is contained in:
Marten Seemann
@@ -4,10 +4,12 @@ import (
|
||||
"bytes"
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"math"
|
||||
"time"
|
||||
|
||||
"github.com/lucas-clemente/quic-go/crypto"
|
||||
"github.com/lucas-clemente/quic-go/qerr"
|
||||
"github.com/lucas-clemente/quic-go/utils"
|
||||
)
|
||||
|
||||
type serverConfigClient struct {
|
||||
@@ -127,7 +129,10 @@ func (s *serverConfigClient) parseValues(tagMap map[Tag][]byte) error {
|
||||
if len(expy) != 8 {
|
||||
return qerr.Error(qerr.CryptoInvalidValueLength, "EXPY")
|
||||
}
|
||||
s.expiry = time.Unix(int64(binary.LittleEndian.Uint64(expy)), 0)
|
||||
// make sure that the value doesn't overflow an int64
|
||||
// furthermore, values close to MaxInt64 are not a valid input to time.Unix, thus set MaxInt64/2 as the maximum value here
|
||||
expyTimestamp := utils.MinUint64(binary.LittleEndian.Uint64(expy), math.MaxInt64/2)
|
||||
s.expiry = time.Unix(int64(expyTimestamp), 0)
|
||||
|
||||
// TODO: implement VER
|
||||
|
||||
|
||||
@@ -235,6 +235,13 @@ var _ = Describe("Server Config", func() {
|
||||
err := scfg.parseValues(tagMap)
|
||||
Expect(err).To(MatchError("CryptoInvalidValueLength: EXPY"))
|
||||
})
|
||||
|
||||
It("deals with absurdly large timestamps", func() {
|
||||
tagMap[TagEXPY] = bytes.Repeat([]byte{0xff}, 8) // this would overflow the int64
|
||||
err := scfg.parseValues(tagMap)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(scfg.expiry.After(time.Now())).To(BeTrue())
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
@@ -34,6 +34,14 @@ func MaxUint64(a, b uint64) uint64 {
|
||||
return a
|
||||
}
|
||||
|
||||
// MinUint64 returns the maximum of two uint64
|
||||
func MinUint64(a, b uint64) uint64 {
|
||||
if a < b {
|
||||
return a
|
||||
}
|
||||
return b
|
||||
}
|
||||
|
||||
// Min returns the minimum of two Ints
|
||||
func Min(a, b int) int {
|
||||
if a < b {
|
||||
|
||||
@@ -25,6 +25,11 @@ var _ = Describe("Min / Max", func() {
|
||||
Expect(MaxUint64(7, 5)).To(Equal(uint64(7)))
|
||||
})
|
||||
|
||||
It("returns the minimum uint64", func() {
|
||||
Expect(MinUint64(5, 7)).To(Equal(uint64(5)))
|
||||
Expect(MinUint64(7, 5)).To(Equal(uint64(5)))
|
||||
})
|
||||
|
||||
It("returns the maximum int64", func() {
|
||||
Expect(MaxInt64(5, 7)).To(Equal(int64(7)))
|
||||
Expect(MaxInt64(7, 5)).To(Equal(int64(7)))
|
||||
|
||||
Reference in New Issue
Block a user