tor-commits October 2014

tor-commits@lists.torproject.org

26 participants
1551 discussions

[translation/tails-iuk] Update translations for tails-iuk
by translation＠torproject.org 22 Oct '14

22 Oct '14

commit d60ed0a3a1a11fc39b4e70bad8f2388f02ea3dae Author: Translation commit bot <translation(a)torproject.org> Date: Wed Oct 22 05:16:32 2014 +0000 Update translations for tails-iuk --- sl_SI.po | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/sl_SI.po b/sl_SI.po index 9048603..b7a22c5 100644 --- a/sl_SI.po +++ b/sl_SI.po @@ -3,13 +3,14 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# Dušan <dusan.k(a)zoho.com>, 2014 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers <tails(a)boum.org>\n" -"POT-Creation-Date: 2014-09-18 21:27-0700\n" -"PO-Revision-Date: 2014-09-19 09:58+0000\n" -"Last-Translator: runasand <runa.sandvik(a)gmail.com>\n" +"POT-Creation-Date: 2014-10-08 21:09+0200\n" +"PO-Revision-Date: 2014-10-22 05:15+0000\n" +"Last-Translator: Dušan <dusan.k(a)zoho.com>\n" "Language-Team: Slovenian (Slovenia) (http://www.transifex.com/projects/p/torproject/language/sl_SI/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -20,11 +21,11 @@ msgstr "" #: ../lib/Tails/IUK/Frontend.pm:146 ../lib/Tails/IUK/Frontend.pm:523 #: ../lib/Tails/IUK/Frontend.pm:667 msgid "For debugging information, see /home/amnesia/.xsession-errors" -msgstr "" +msgstr "Za info razhroščevanja poglejte /home/amnesia/.xsession-error" #: ../lib/Tails/IUK/Frontend.pm:216 msgid "Error while checking for upgrades" -msgstr "" +msgstr "Napaka med preverjanjem nadgradnje" #: ../lib/Tails/IUK/Frontend.pm:219 msgid "" @@ -33,23 +34,23 @@ msgid "" "Check your network connection, and restart Tails to try upgrading again.\n" "\n" "If the problem persists, go to file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" -msgstr "" +msgstr " Ni mogoče ugotoviti, ali je na voljo nadgradnja na našem spletnem mestu. \n\n\nPreverite omrežno povezavo in ponovno zaženite Sledi za ponovno nadgradnjo.\n\nČe težava ne izgine, pojdite na datoteko: ///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" #: ../lib/Tails/IUK/Frontend.pm:234 msgid "no automatic upgrade is available from our website for this version" -msgstr "" +msgstr "ni avtomatske nadgradnje za to verzijo na mašem spletnem mestu" #: ../lib/Tails/IUK/Frontend.pm:240 msgid "your device was not created using Tails Installer" -msgstr "" +msgstr "vaša naprava ni bila narejena z uporabo nameščevalnika Sledi " #: ../lib/Tails/IUK/Frontend.pm:245 msgid "Tails was started from a DVD or a read-only device" -msgstr "" +msgstr "Sledi so zagnane iz DVD-ja ali read-only naprave" #: ../lib/Tails/IUK/Frontend.pm:250 msgid "there is not enough free space on the Tails system partition" -msgstr "" +msgstr "ni dovolj prostega v sistemski particiji Sledi" #: ../lib/Tails/IUK/Frontend.pm:255 msgid "not enough memory is available on this system"

1 0

[tor-messenger-build/master] Use the latest libotr release
by arlo＠torproject.org 22 Oct '14

22 Oct '14

commit 7997e46490641c2494cc447ae5ce5f2a7a9b672a Author: Arlo Breault <arlolra(a)gmail.com> Date: Tue Oct 21 18:10:53 2014 -0700 Use the latest libotr release --- projects/libotr/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/libotr/config b/projects/libotr/config index c98b84e..d808170 100644 --- a/projects/libotr/config +++ b/projects/libotr/config @@ -1,4 +1,4 @@ -version: 4.0.0 +version: 4.1.0 filename: 'libotr-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' remote_docker: 1 lsb_release:

1 0

[translation/tails-misc] Update translations for tails-misc
by translation＠torproject.org 22 Oct '14

22 Oct '14

commit 5dd7070dad5c9ae4205556e097252c79b5daf769 Author: Translation commit bot <translation(a)torproject.org> Date: Wed Oct 22 00:18:15 2014 +0000 Update translations for tails-misc --- ro.po | 45 +++++++++++++++++++++++---------------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/ro.po b/ro.po index 11b0500..ad28aea 100644 --- a/ro.po +++ b/ro.po @@ -6,6 +6,7 @@ # Andrei Draga, 2013 # Draga Bianca - Madalina <dragabianca(a)yahoo.com>, 2014 # Nicola Radu <estonyte(a)yahoo.com>, 2014 +# Paul Ionut Anton, 2014 # Roxana Ardelean <roxana.ene(a)gmail.com>, 2014 # titus <titus0818(a)gmail.com>, 2014 # clopotel <yo_sergiu05(a)yahoo.com>, 2014 @@ -13,9 +14,9 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2014-10-10 13:00+0200\n" -"PO-Revision-Date: 2014-10-15 19:50+0000\n" -"Last-Translator: titus <titus0818(a)gmail.com>\n" +"POT-Creation-Date: 2014-10-15 17:57+0200\n" +"PO-Revision-Date: 2014-10-21 23:59+0000\n" +"Last-Translator: Paul Ionut Anton\n" "Language-Team: Romanian (http://www.transifex.com/projects/p/torproject/language/ro/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -29,7 +30,7 @@ msgstr "Tor este pregătit" #: config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-tor-ready-notification.sh:43 msgid "You can now access the Internet." -msgstr "Acum puteti accesa internetul" +msgstr "Acum puteți accesa Internetul." #: config/chroot_local-includes/etc/whisperback/config.py:64 #, python-format @@ -162,9 +163,9 @@ msgstr[2] "Urmatoarele chei selectate nu sunt in totalitate de incredere:" #: config/chroot_local-includes/usr/local/bin/gpgApplet:569 msgid "Do you trust this key enough to use it anyway?" msgid_plural "Do you trust these keys enough to use them anyway?" -msgstr[0] "" -msgstr[1] "" -msgstr[2] "" +msgstr[0] "Aveți încredere în această cheie încât să o folosiți oricum?" +msgstr[1] "Aveți încredere în aceste chei astfel încât să le folosiți oricum?" +msgstr[2] "Aveți încredere în alte chei astfel încât să le folosiți oricum?" #: config/chroot_local-includes/usr/local/bin/gpgApplet:582 msgid "No keys selected" @@ -310,12 +311,12 @@ msgid "" msgstr "" #: config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper:19 -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:60 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:62 msgid "error:" msgstr "eroare:" #: config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper:20 -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:61 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:63 msgid "Error" msgstr "Eroare" @@ -365,63 +366,63 @@ msgstr "Porniti Browserul Tor" msgid "Cancel" msgstr "Anulare" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:71 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:73 msgid "Do you really want to launch the Unsafe Browser?" msgstr "Sigur vreti sa lansati browser-ul neprotejat? " -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:73 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:75 msgid "" "Network activity within the Unsafe Browser is not anonymous. Only use" " the Unsafe Browser if necessary, for example if you have to login or " "register to activate your Internet connection." msgstr "Activitatea internetului in browser-ul neprotejat este , nu anonimul . Folositi doar" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:74 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:76 msgid "_Launch" msgstr "_Lansare" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:75 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:77 msgid "_Exit" msgstr "_Iesire" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:85 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:87 msgid "Starting the Unsafe Browser..." msgstr "Porniti browser-ul neprotejat" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:86 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:88 msgid "This may take a while, so please be patient." msgstr "Ar putea dura. Va rugam sa aveti putina rabdare. " -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:104 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:106 msgid "Failed to setup chroot." msgstr "A eșuat configurarea chroot." -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:184 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:180 #: ../config/chroot_local-includes/usr/share/applications/unsafe-browser.desktop.in.h:1 msgid "Unsafe Browser" msgstr "Browser neprotejat" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:240 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:236 msgid "Shutting down the Unsafe Browser..." msgstr "Browser-ul neprotejat se inchide" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:241 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:237 msgid "" "This may take a while, and you may not restart the Unsafe Browser until it " "is properly shut down." msgstr "" -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:253 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:249 msgid "Failed to restart Tor." msgstr "Tor nu s-a putut reporni. " -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:261 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:257 msgid "" "Another Unsafe Browser is currently running, or being cleaned up. Please " "retry in a while." msgstr "Un alt navigator nesigur rulează curent, sau în curs de curățat. Reâncercați peste puțin." -#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:274 +#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:270 msgid "" "No DNS server was obtained through DHCP or manually configured in " "NetworkManager."

1 0

[tor/master] give dist-master an alias
by arma＠torproject.org 21 Oct '14

21 Oct '14

commit 71613993e0f9c015d33f1405187a5c5828987ea2 Author: Roger Dingledine <arma(a)torproject.org> Date: Tue Oct 21 16:01:29 2014 -0400 give dist-master an alias --- doc/HACKING | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/doc/HACKING b/doc/HACKING index e758ffa..5c71b74 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -556,12 +556,11 @@ in their approved versions list. git push origin tag tor-0.2.x.y-status 8a) scp the tarball and its sig to the dist website, i.e. -/srv/dist-master.torproject.org/htdocs/ on staticiforme. When you want +/srv/dist-master.torproject.org/htdocs/ on dist-master. When you want it to go live, you run "static-update-component dist.torproject.org" -on staticiforme. +on dist-master. -8b) - Edit "include/versions.wmi" and "Makefile" to note the new version. +8b) Edit "include/versions.wmi" and "Makefile" to note the new version. 9) Email the packagers (cc'ing tor-assistants) that a new tarball is up.

1 0

[tor/master] Conditionally compile time testing code based on integer size
by nickm＠torproject.org 21 Oct '14

21 Oct '14

commit a1c6a40c22736aa66ce59341689392ed80cdd2dc Author: teor <teor2345(a)gmail.com> Date: Tue Oct 21 08:44:10 2014 +1100 Conditionally compile time testing code based on integer size --- src/test/test_util.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/test/test_util.c b/src/test/test_util.c index c95b861..e1f77b9 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -333,7 +333,7 @@ test_util_time(void *arg) a_time.tm_year = -1-1900; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); - if (sizeof(a_time.tm_year) == 4 || sizeof(a_time.tm_year) == 8) { +#if SIZEOF_INT == 4 || SIZEOF_INT == 8 a_time.tm_year = -1*(1 << 16); tt_int_op((time_t) -1,==, tor_timegm(&a_time)); @@ -344,10 +344,10 @@ test_util_time(void *arg) a_time.tm_year = INT32_MIN; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); - } +#endif - if (sizeof(a_time.tm_year) == 8) { - a_time.tm_year = -1L*(1L << 48L); +#if SIZEOF_INT == 8 + a_time.tm_year = -1*(1 << 48); tt_int_op((time_t) -1,==, tor_timegm(&a_time)); /* while unlikely, the system's gmtime(_r) could return @@ -355,25 +355,25 @@ test_util_time(void *arg) * which I'm pretty sure is: * -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657 * 730485 is the number of days in two millenia, including leap days */ - a_time.tm_year = -292277022657L-1900L; + a_time.tm_year = -292277022657-1900; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); a_time.tm_year = INT64_MIN; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); - } +#endif /* Wrong year >= INT32_MAX - 1900 */ - if (sizeof(a_time.tm_year) == 4 || sizeof(a_time.tm_year) == 8) { +#if SIZEOF_INT == 4 || SIZEOF_INT == 8 a_time.tm_year = INT32_MAX-1900; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); a_time.tm_year = INT32_MAX; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); - } +#endif - if (sizeof(a_time.tm_year) == 8) { +#if SIZEOF_INT == 8 /* one of the largest tm_year values my 64 bit system supports */ - a_time.tm_year = 292278994LL-1900LL; + a_time.tm_year = 292278994-1900; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); /* while unlikely, the system's gmtime(_r) could return @@ -381,7 +381,7 @@ test_util_time(void *arg) * which I'm pretty sure is: * (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596 * 730485 is the number of days in two millenia, including leap days */ - a_time.tm_year = 292277026596LL-1900LL; + a_time.tm_year = 292277026596-1900; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); a_time.tm_year = INT64_MAX-1900; @@ -389,7 +389,7 @@ test_util_time(void *arg) a_time.tm_year = INT64_MAX; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); - } +#endif /* month */ a_time.tm_year = 2007-1900; /* restore valid year */

1 0

[tor/master] Use correct day of year in correct_tm()
by nickm＠torproject.org 21 Oct '14

21 Oct '14

commit dd556fb1e6002a0ca3c4560ecb8545696a82e0b9 Author: teor <teor2345(a)gmail.com> Date: Mon Oct 20 02:32:05 2014 +1100 Use correct day of year in correct_tm() Set the correct day of year value in correct_tm() when the system's localtime(_r) or gmtime(_r) functions fail to set struct tm. Fixes bug 13476. --- changes/bug13476-improve-time-handling | 4 ++++ src/common/compat.c | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/changes/bug13476-improve-time-handling b/changes/bug13476-improve-time-handling new file mode 100644 index 0000000..3c50853 --- /dev/null +++ b/changes/bug13476-improve-time-handling @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Set the correct day of year value when the system's localtime(_r) + or gmtime(_r) functions fail to set struct tm. + Fixes bug 13476. diff --git a/src/common/compat.c b/src/common/compat.c index 4dd0445..f8b1d15 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -2774,7 +2774,7 @@ correct_tm(int islocal, const time_t *timep, struct tm *resultbuf, r->tm_year = 8099; r->tm_mon = 11; r->tm_mday = 31; - r->tm_yday = 365; + r->tm_yday = 364; r->tm_hour = 23; r->tm_min = 59; r->tm_sec = 59; @@ -2791,7 +2791,7 @@ correct_tm(int islocal, const time_t *timep, struct tm *resultbuf, r->tm_year = 70; /* 1970 CE */ r->tm_mon = 0; r->tm_mday = 1; - r->tm_yday = 1; + r->tm_yday = 0; r->tm_hour = 0; r->tm_min = 0 ; r->tm_sec = 0; @@ -2804,7 +2804,7 @@ correct_tm(int islocal, const time_t *timep, struct tm *resultbuf, r->tm_year = 137; /* 2037 CE */ r->tm_mon = 11; r->tm_mday = 31; - r->tm_yday = 365; + r->tm_yday = 364; r->tm_hour = 23; r->tm_min = 59; r->tm_sec = 59;

1 0

[tor/master] Improve date validation in HTTP headers
by nickm＠torproject.org 21 Oct '14

21 Oct '14

commit 238b8eaa60953a4d716ece484aaaca841b46c614 Author: teor <teor2345(a)gmail.com> Date: Mon Oct 20 02:40:27 2014 +1100 Improve date validation in HTTP headers Check all date/time values passed to tor_timegm and parse_rfc1123_time for validity, taking leap years into account. Improves HTTP header validation. Avoid unlikely signed integer overflow in tor_timegm on systems with 32-bit time_t. Fixes bug 13476. --- changes/bug13476-improve-time-handling | 8 ++++ src/common/util.c | 68 +++++++++++++++++++++++--------- 2 files changed, 58 insertions(+), 18 deletions(-) diff --git a/changes/bug13476-improve-time-handling b/changes/bug13476-improve-time-handling index 3c50853..68dc3e6 100644 --- a/changes/bug13476-improve-time-handling +++ b/changes/bug13476-improve-time-handling @@ -2,3 +2,11 @@ - Set the correct day of year value when the system's localtime(_r) or gmtime(_r) functions fail to set struct tm. Fixes bug 13476. + - Avoid unlikely signed integer overflow in tor_timegm on systems with + 32-bit time_t. + Fixes bug 13476. + o Minor enhancements (validation): + - Check all date/time values passed to tor_timegm and parse_rfc1123_time + for validity, taking leap years into account. + Improves HTTP header validation. + Implemented with bug 13476. diff --git a/src/common/util.c b/src/common/util.c index 1d9d99d..ece8aaa 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1376,7 +1376,8 @@ n_leapdays(int y1, int y2) --y2; return (y2/4 - y1/4) - (y2/100 - y1/100) + (y2/400 - y1/400); } -/** Number of days per month in non-leap year; used by tor_timegm. */ +/** Number of days per month in non-leap year; used by tor_timegm and + * parse_rfc1123_time. */ static const int days_per_month[] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}; @@ -1390,10 +1391,32 @@ tor_timegm(const struct tm *tm, time_t *time_out) * It's way more brute-force than fiddling with tzset(). */ time_t year, days, hours, minutes, seconds; - int i; - year = tm->tm_year + 1900; - if (year < 1970 || tm->tm_mon < 0 || tm->tm_mon > 11 || - tm->tm_year >= INT32_MAX-1900) { + int i, invalid_year, dpm; + /* avoid int overflow on addition */ + if (tm->tm_year < INT32_MAX-1900) { + year = tm->tm_year + 1900; + } else { + /* clamp year */ + year = INT32_MAX; + } + invalid_year = (year < 1970 || tm->tm_year >= INT32_MAX-1900); + + if (tm->tm_mon >= 0 && tm->tm_mon <= 11) { + dpm = days_per_month[tm->tm_mon]; + if (tm->tm_mon == 1 && !invalid_year && IS_LEAPYEAR(tm->tm_year)) { + dpm = 29; + } + } else { + /* invalid month - default to 0 days per month */ + dpm = 0; + } + + if (invalid_year || + tm->tm_mon < 0 || tm->tm_mon > 11 || + tm->tm_mday < 1 || tm->tm_mday > dpm || + tm->tm_hour < 0 || tm->tm_hour > 23 || + tm->tm_min < 0 || tm->tm_min > 59 || + tm->tm_sec < 0 || tm->tm_sec > 60) { log_warn(LD_BUG, "Out-of-range argument to tor_timegm"); return -1; } @@ -1457,8 +1480,9 @@ parse_rfc1123_time(const char *buf, time_t *t) struct tm tm; char month[4]; char weekday[4]; - int i, m; + int i, m, invalid_year; unsigned tm_mday, tm_year, tm_hour, tm_min, tm_sec; + unsigned dpm; if (strlen(buf) != RFC1123_TIME_LEN) return -1; @@ -1471,18 +1495,6 @@ parse_rfc1123_time(const char *buf, time_t *t) tor_free(esc); return -1; } - if (tm_mday < 1 || tm_mday > 31 || tm_hour > 23 || tm_min > 59 || - tm_sec > 60 || tm_year >= INT32_MAX || tm_year < 1970) { - char *esc = esc_for_log(buf); - log_warn(LD_GENERAL, "Got invalid RFC1123 time %s", esc); - tor_free(esc); - return -1; - } - tm.tm_mday = (int)tm_mday; - tm.tm_year = (int)tm_year; - tm.tm_hour = (int)tm_hour; - tm.tm_min = (int)tm_min; - tm.tm_sec = (int)tm_sec; m = -1; for (i = 0; i < 12; ++i) { @@ -1499,6 +1511,26 @@ parse_rfc1123_time(const char *buf, time_t *t) } tm.tm_mon = m; + invalid_year = (tm_year >= INT32_MAX || tm_year < 1970); + tor_assert(m >= 0 && m <= 11); + dpm = days_per_month[m]; + if (m == 1 && !invalid_year && IS_LEAPYEAR(tm_year)) { + dpm = 29; + } + + if (invalid_year || tm_mday < 1 || tm_mday > dpm || + tm_hour > 23 || tm_min > 59 || tm_sec > 60) { + char *esc = esc_for_log(buf); + log_warn(LD_GENERAL, "Got invalid RFC1123 time %s", esc); + tor_free(esc); + return -1; + } + tm.tm_mday = (int)tm_mday; + tm.tm_year = (int)tm_year; + tm.tm_hour = (int)tm_hour; + tm.tm_min = (int)tm_min; + tm.tm_sec = (int)tm_sec; + if (tm.tm_year < 1970) { char *esc = esc_for_log(buf); log_warn(LD_GENERAL,

1 0

[tor/master] Further unit test tor_timegm and parse_rfc1123_time
by nickm＠torproject.org 21 Oct '14

21 Oct '14

commit 879b39e1a8ae11060acd4db142f6d9d619e351a3 Author: teor <teor2345(a)gmail.com> Date: Mon Oct 20 02:52:21 2014 +1100 Further unit test tor_timegm and parse_rfc1123_time Add unit tests for tor_timegm signed overflow, tor_timegm and parse_rfc1123_time validity checks, and correct_tm year clamping. Unit tests (visible) fixes in bug 13476. --- changes/bug13476-improve-time-handling | 9 +- src/test/test_util.c | 264 ++++++++++++++++++++++++++++++-- 2 files changed, 254 insertions(+), 19 deletions(-) diff --git a/changes/bug13476-improve-time-handling b/changes/bug13476-improve-time-handling index 1fe60c6..94ab95b 100644 --- a/changes/bug13476-improve-time-handling +++ b/changes/bug13476-improve-time-handling @@ -1,6 +1,6 @@ o Minor bugfixes: - Set the correct day of year value when the system's localtime(_r) - or gmtime(_r) functions fail to set struct tm. + or gmtime(_r) functions fail to set struct tm. Not externally visible. Fixes bug 13476. - Avoid unlikely signed integer overflow in tor_timegm on systems with 32-bit time_t. @@ -11,5 +11,10 @@ Improves HTTP header validation. Implemented with bug 13476. - Clamp year values returned by system localtime(_r) and gmtime(_r) - to year 1. This ensures tor can read any values it might write out. + to year 1 in correct_tm. This ensures tor can read any values it + writes out. Fixes bug 13476. + o Minor enhancements (testing): + - Add unit tests for tor_timegm signed overflow, tor_timegm and + parse_rfc1123_time validity checks, correct_tm year clamping. + Unit tests (visible) fixes in bug 13476. diff --git a/src/test/test_util.c b/src/test/test_util.c index eb169f4..c95b861 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -229,11 +229,24 @@ test_util_write_chunks_to_file(void *arg) tor_free(temp_str); } +#define _TFE(a, b, f) tt_int_op((a).f, ==, (b).f) +/** test the minimum set of struct tm fields needed for a unique epoch value + * this is also the set we use to test tor_timegm */ +#define TM_EQUAL(a, b) \ + TT_STMT_BEGIN \ + _TFE(a, b, tm_year); \ + _TFE(a, b, tm_mon ); \ + _TFE(a, b, tm_mday); \ + _TFE(a, b, tm_hour); \ + _TFE(a, b, tm_min ); \ + _TFE(a, b, tm_sec ); \ + TT_STMT_END + static void test_util_time(void *arg) { struct timeval start, end; - struct tm a_time; + struct tm a_time, b_time; char timestr[128]; time_t t_res; int i; @@ -266,32 +279,252 @@ test_util_time(void *arg) tt_int_op(-1005000L,==, tv_udiff(&start, &end)); - /* Test tor_timegm */ + /* Test tor_timegm & tor_gmtime_r */ /* The test values here are confirmed to be correct on a platform - * with a working timegm. */ + * with a working timegm & gmtime_r. */ + + /* Start with known-zero a_time and b_time. + * This avoids passing uninitialised values to TM_EQUAL in a_time. + * Zeroing may not be needed for b_time, as long as tor_gmtime_r + * never reads the existing values in the structure. + * But we really don't want intermittently failing tests. */ + memset(&a_time, 0, sizeof(struct tm)); + memset(&b_time, 0, sizeof(struct tm)); + a_time.tm_year = 2003-1900; a_time.tm_mon = 7; a_time.tm_mday = 30; a_time.tm_hour = 6; a_time.tm_min = 14; a_time.tm_sec = 55; - tt_int_op((time_t) 1062224095UL,==, tor_timegm(&a_time)); + t_res = 1062224095UL; + tt_int_op(t_res, ==, tor_timegm(&a_time)); + tor_gmtime_r(&t_res, &b_time); + TM_EQUAL(a_time, b_time); + a_time.tm_year = 2004-1900; /* Try a leap year, after feb. */ - tt_int_op((time_t) 1093846495UL,==, tor_timegm(&a_time)); + t_res = 1093846495UL; + tt_int_op(t_res, ==, tor_timegm(&a_time)); + tor_gmtime_r(&t_res, &b_time); + TM_EQUAL(a_time, b_time); + a_time.tm_mon = 1; /* Try a leap year, in feb. */ a_time.tm_mday = 10; - tt_int_op((time_t) 1076393695UL,==, tor_timegm(&a_time)); + t_res = 1076393695UL; + tt_int_op(t_res, ==, tor_timegm(&a_time)); + tor_gmtime_r(&t_res, &b_time); + TM_EQUAL(a_time, b_time); + a_time.tm_mon = 0; - a_time.tm_mday = 10; - tt_int_op((time_t) 1073715295UL,==, tor_timegm(&a_time)); + t_res = 1073715295UL; + tt_int_op(t_res, ==, tor_timegm(&a_time)); + tor_gmtime_r(&t_res, &b_time); + TM_EQUAL(a_time, b_time); + + /* Test tor_timegm out of range */ + + /* year */ + + /* Wrong year < 1970 */ + a_time.tm_year = 1969-1900; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = -1-1900; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + if (sizeof(a_time.tm_year) == 4 || sizeof(a_time.tm_year) == 8) { + a_time.tm_year = -1*(1 << 16); + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* one of the smallest tm_year values my 64 bit system supports: + * t_res = -9223372036854775LL without clamping */ + a_time.tm_year = -292275055-1900; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = INT32_MIN; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + } + + if (sizeof(a_time.tm_year) == 8) { + a_time.tm_year = -1L*(1L << 48L); + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* while unlikely, the system's gmtime(_r) could return + * a "correct" retrospective gregorian negative year value, + * which I'm pretty sure is: + * -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657 + * 730485 is the number of days in two millenia, including leap days */ + a_time.tm_year = -292277022657L-1900L; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = INT64_MIN; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + } + + /* Wrong year >= INT32_MAX - 1900 */ + if (sizeof(a_time.tm_year) == 4 || sizeof(a_time.tm_year) == 8) { + a_time.tm_year = INT32_MAX-1900; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = INT32_MAX; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + } + + if (sizeof(a_time.tm_year) == 8) { + /* one of the largest tm_year values my 64 bit system supports */ + a_time.tm_year = 292278994LL-1900LL; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* while unlikely, the system's gmtime(_r) could return + * a "correct" proleptic gregorian year value, + * which I'm pretty sure is: + * (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596 + * 730485 is the number of days in two millenia, including leap days */ + a_time.tm_year = 292277026596LL-1900LL; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = INT64_MAX-1900; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = INT64_MAX; + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + } + + /* month */ + a_time.tm_year = 2007-1900; /* restore valid year */ + a_time.tm_mon = 12; /* Wrong month, it's 0-based */ - a_time.tm_mday = 10; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + a_time.tm_mon = -1; /* Wrong month */ - a_time.tm_mday = 10; tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + /* day */ + a_time.tm_mon = 6; /* Try July */ + a_time.tm_mday = 32; /* Wrong day */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_mon = 5; /* Try June */ + a_time.tm_mday = 31; /* Wrong day */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = 2008-1900; /* Try a leap year */ + a_time.tm_mon = 1; /* in feb. */ + a_time.tm_mday = 30; /* Wrong day */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_year = 2011-1900; /* Try a non-leap year */ + a_time.tm_mon = 1; /* in feb. */ + a_time.tm_mday = 29; /* Wrong day */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_mday = 0; /* Wrong day, it's 1-based (to be different) */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* hour */ + a_time.tm_mday = 3; /* restore valid month day */ + + a_time.tm_hour = 24; /* Wrong hour, it's 0-based */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_hour = -1; /* Wrong hour */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* minute */ + a_time.tm_hour = 22; /* restore valid hour */ + + a_time.tm_min = 60; /* Wrong minute, it's 0-based */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_min = -1; /* Wrong minute */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* second */ + a_time.tm_min = 37; /* restore valid minute */ + + a_time.tm_sec = 61; /* Wrong second: 0-based with leap seconds */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + a_time.tm_sec = -1; /* Wrong second */ + tt_int_op((time_t) -1,==, tor_timegm(&a_time)); + + /* Test tor_gmtime_r out of range */ + + /* time_t < 0 yields a year clamped to 1 or 1970, + * depending on whether the implementation of the system gmtime(_r) + * sets struct tm (1) or not (1970) */ + t_res = -1; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (1970-1900) || + b_time.tm_year == (1969-1900)); + + if (sizeof(time_t) == 4 || sizeof(time_t) == 8) { + t_res = -1*(1 << 30); + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (1970-1900) || + b_time.tm_year == (1935-1900)); + + t_res = INT32_MIN; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (1970-1900) || + b_time.tm_year == (1901-1900)); + } + + if (sizeof(time_t) == 8) { + /* one of the smallest tm_year values my 64 bit system supports: + * b_time.tm_year == (-292275055LL-1900LL) without clamping */ + t_res = -9223372036854775LL; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (1970-1900) || + b_time.tm_year == (1-1900)); + + /* while unlikely, the system's gmtime(_r) could return + * a "correct" retrospective gregorian negative year value, + * which I'm pretty sure is: + * -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657 + * 730485 is the number of days in two millenia, including leap days + * (int64_t)b_time.tm_year == (-292277022657LL-1900LL) without clamping */ + t_res = INT64_MIN; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (1970-1900) || + b_time.tm_year == (1-1900)); + } + + /* time_t >= INT_MAX yields a year clamped to 2037 or 9999, + * depending on whether the implementation of the system gmtime(_r) + * sets struct tm (9999) or not (2037) */ + if (sizeof(time_t) == 4 || sizeof(time_t) == 8) { + t_res = 3*(1 << 29); + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (2021-1900)); + + t_res = INT32_MAX; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (2037-1900) || + b_time.tm_year == (2038-1900)); + } + + if (sizeof(time_t) == 8) { + /* one of the largest tm_year values my 64 bit system supports: + * b_time.tm_year == (292278994L-1900L) without clamping */ + t_res = 9223372036854775LL; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (2037-1900) || + b_time.tm_year == (9999-1900)); + + /* while unlikely, the system's gmtime(_r) could return + * a "correct" proleptic gregorian year value, + * which I'm pretty sure is: + * (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596 + * 730485 is the number of days in two millenia, including leap days + * (int64_t)b_time.tm_year == (292277026596L-1900L) without clamping */ + t_res = INT64_MAX; + tor_gmtime_r(&t_res, &b_time); + tt_assert(b_time.tm_year == (2037-1900) || + b_time.tm_year == (9999-1900)); + } + /* Test {format,parse}_rfc1123_time */ format_rfc1123_time(timestr, 0); @@ -324,13 +557,10 @@ test_util_time(void *arg) tt_int_op(-1,==, parse_rfc1123_time("Wed, 30 Mar 2011 23:59:59 GM", &t_res)); -#if 0 - /* This fails, I imagine it's important and should be fixed? */ - test_eq(-1, parse_rfc1123_time("Wed, 29 Feb 2011 16:00:00 GMT", &t_res)); - /* Why is this string valid (ie. the test fails because it doesn't - return -1)? */ - test_eq(-1, parse_rfc1123_time("Wed, 30 Mar 2011 23:59:61 GMT", &t_res)); -#endif + tt_int_op(-1,==, + parse_rfc1123_time("Wed, 29 Feb 2011 16:00:00 GMT", &t_res)); + tt_int_op(-1,==, + parse_rfc1123_time("Wed, 30 Mar 2011 23:59:61 GMT", &t_res)); /* Test parse_iso_time */

1 0

[tor/master] Clamp (some) years supplied by the system to 1 CE
by nickm＠torproject.org 21 Oct '14

21 Oct '14

commit d7b13543e2305de38f7e17e7bcd1e5174fd89152 Author: teor <teor2345(a)gmail.com> Date: Mon Oct 20 02:47:31 2014 +1100 Clamp (some) years supplied by the system to 1 CE Clamp year values returned by system localtime(_r) and gmtime(_r) to year 1. This ensures tor can read any values it might write out. Fixes bug 13476. --- changes/bug13476-improve-time-handling | 3 +++ src/common/compat.c | 12 +++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/changes/bug13476-improve-time-handling b/changes/bug13476-improve-time-handling index 68dc3e6..1fe60c6 100644 --- a/changes/bug13476-improve-time-handling +++ b/changes/bug13476-improve-time-handling @@ -10,3 +10,6 @@ for validity, taking leap years into account. Improves HTTP header validation. Implemented with bug 13476. + - Clamp year values returned by system localtime(_r) and gmtime(_r) + to year 1. This ensures tor can read any values it might write out. + Fixes bug 13476. diff --git a/src/common/compat.c b/src/common/compat.c index f8b1d15..b6fdb1a 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -2770,7 +2770,9 @@ correct_tm(int islocal, const time_t *timep, struct tm *resultbuf, const char *outcome; if (PREDICT_LIKELY(r)) { - if (r->tm_year > 8099) { /* We can't strftime dates after 9999 CE. */ + /* We can't strftime dates after 9999 CE, and we want to avoid dates + * before 1 CE (avoiding the year 0 issue and negative years). */ + if (r->tm_year > 8099) { r->tm_year = 8099; r->tm_mon = 11; r->tm_mday = 31; @@ -2778,6 +2780,14 @@ correct_tm(int islocal, const time_t *timep, struct tm *resultbuf, r->tm_hour = 23; r->tm_min = 59; r->tm_sec = 59; + } else if (r->tm_year < (1-1900)) { + r->tm_year = (1-1900); + r->tm_mon = 0; + r->tm_mday = 1; + r->tm_yday = 0; + r->tm_hour = 0; + r->tm_min = 0; + r->tm_sec = 0; } return r; }

1 0

[tor/master] Merge remote-tracking branch 'teor/bug13476-improve-time-handling'
by nickm＠torproject.org 21 Oct '14

21 Oct '14

commit 3826a88fc072f97673ee3b106f3dd1b93c875b27 Merge: e3d166b a1c6a40 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Oct 21 13:14:27 2014 -0400 Merge remote-tracking branch 'teor/bug13476-improve-time-handling' changes/bug13476-improve-time-handling | 20 +++ src/common/compat.c | 18 ++- src/common/util.c | 68 +++++--- src/test/test_util.c | 264 ++++++++++++++++++++++++++++++-- 4 files changed, 331 insertions(+), 39 deletions(-)

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits October 2014