From: Nick Mathewson <nickm@torproject.org>
Date: Fri, 28 Jul 2017 14:31:12 +0000 (-0400)
Subject: Bug 23055: cast, then multiply when doing u32*u32->u64.
X-Git-Tag: tor-0.3.2.1-alpha~206
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=769a94d9ce570b9418ab8705dc95c99f9b8c2251;p=thirdparty%2Ftor.git

Bug 23055: cast, then multiply when doing u32*u32->u64.

No backport, since this bug won't trigger until people make
certificates expiring after the Y2106 deadline.

CID 1415728
---

diff --git a/changes/bug23055 b/changes/bug23055
new file mode 100644
index 0000000000..eee1397c13
--- /dev/null
+++ b/changes/bug23055
@@ -0,0 +1,4 @@
+  o Minor bugfixes (certificate handling):
+    - Fix a time handling bug in Tor certificates set to expire after
+      the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha.
+      Found by Coverity as CID 1415728.
diff --git a/src/or/torcert.c b/src/or/torcert.c
index 658e620ca5..69b157446a 100644
--- a/src/or/torcert.c
+++ b/src/or/torcert.c
@@ -393,7 +393,7 @@ rsa_ed25519_crosscert_check(const uint8_t *crosscert,
   }
 
   const uint32_t expiration_date = rsa_ed_crosscert_get_expiration(cc);
-  const uint64_t expiration_time = expiration_date * 3600;
+  const uint64_t expiration_time = ((uint64_t)expiration_date) * 3600;
 
   if (reject_if_expired_before < 0 ||
       expiration_time < (uint64_t)reject_if_expired_before) {