From cf6e4cae6e43f06cb1d173576d155952440db2fc Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 22 Apr 2016 15:23:04 -0400 Subject: [PATCH] Fix minor race in kadmin time interval parsing When parsing kadmin time intervals using getdate.y relative time formats, make sure the same timestamp is added to and substracted from the relative value. To accomplish this, rename get_date() to get_date_rel() with a second parameter for the current time, and make get_date() a wrapper with the current signature for the benefit of kdb5_util and kdb5_ldap_util. ticket: 8393 --- src/kadmin/cli/getdate.y | 12 ++++++++++-- src/kadmin/cli/kadmin.c | 10 +++++----- src/kadmin/cli/kadmin.h | 2 +- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/src/kadmin/cli/getdate.y b/src/kadmin/cli/getdate.y index fc0a403e20..4f0c56f7eb 100644 --- a/src/kadmin/cli/getdate.y +++ b/src/kadmin/cli/getdate.y @@ -863,10 +863,11 @@ difftm(struct tm *a, struct tm *b) #include int yyparse(void); +time_t get_date_rel(char *, time_t); time_t get_date(char *); time_t -get_date(char *p) +get_date_rel(char *p, time_t nowtime) { struct my_timeb *now = NULL; struct tm *tm, gmt; @@ -880,7 +881,7 @@ get_date(char *p) if (now == NULL) { now = &ftz; - ftz.time = time((time_t *) 0); + ftz.time = nowtime; if (! (tm = gmtime (&ftz.time))) return -1; @@ -1017,6 +1018,13 @@ get_date(char *p) } +time_t +get_date(char *p) +{ + return get_date_rel(p, time(NULL)); +} + + #if defined(TEST) /* ARGSUSED */ diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c index d791ceeb82..62786b1e09 100644 --- a/src/kadmin/cli/kadmin.c +++ b/src/kadmin/cli/kadmin.c @@ -154,11 +154,11 @@ strdate(krb5_timestamp when) /* Parse a date string using getdate.y. On failure, output an error message * and return (time_t)-1. */ static time_t -parse_date(char *str) +parse_date(char *str, time_t now) { time_t date; - date = get_date(str); + date = get_date_rel(str, now); if (date == (time_t)-1) error(_("Invalid date specification \"%s\".\n"), str); return date; @@ -178,7 +178,7 @@ parse_interval(char *str, time_t now) if (krb5_string_to_deltat(str, &delta) == 0) return delta; - date = parse_date(str); + date = parse_date(str, now); if (date == (time_t)-1) return date; @@ -1020,7 +1020,7 @@ kadmin_parse_princ_args(int argc, char *argv[], kadm5_principal_ent_t oprinc, if (!strcmp("-expire", argv[i])) { if (++i > argc - 2) return -1; - date = parse_date(argv[i]); + date = parse_date(argv[i], now); if (date == (time_t)-1) return -1; oprinc->princ_expire_time = date; @@ -1030,7 +1030,7 @@ kadmin_parse_princ_args(int argc, char *argv[], kadm5_principal_ent_t oprinc, if (!strcmp("-pwexpire", argv[i])) { if (++i > argc - 2) return -1; - date = parse_date(argv[i]); + date = parse_date(argv[i], now); if (date == (time_t)-1) return -1; oprinc->pw_expiration = date; diff --git a/src/kadmin/cli/kadmin.h b/src/kadmin/cli/kadmin.h index 72bda938b1..54a4818f72 100644 --- a/src/kadmin/cli/kadmin.h +++ b/src/kadmin/cli/kadmin.h @@ -78,7 +78,7 @@ randkey_princ(void *lhandle, krb5_principal princ, krb5_boolean keepold, #endif #endif -extern time_t get_date(char *); +extern time_t get_date_rel(char *, time_t); /* Yucky global variables */ extern krb5_context context; -- 2.47.2