[tor-commits] [tor/master] Bug 23055: cast, then multiply when doing u32*u32->u64.

[nickm at torproject.org]

commit 769a94d9ce570b9418ab8705dc95c99f9b8c2251
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Jul 28 10:31:12 2017 -0400

    Bug 23055: cast, then multiply when doing u32*u32->u64.
    
    No backport, since this bug won't trigger until people make
    certificates expiring after the Y2106 deadline.
    
    CID 1415728
---
 changes/bug23055 | 4 ++++
 src/or/torcert.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug23055 b/changes/bug23055
new file mode 100644
index 000000000..eee1397c1
--- /dev/null
+++ b/changes/bug23055
@@ -0,0 +1,4 @@
+  o Minor bugfixes (certificate handling):
+    - Fix a time handling bug in Tor certificates set to expire after
+      the year 2106. Fixes bug 23055; bugfix on 0.3.0.1-alpha.
+      Found by Coverity as CID 1415728.
diff --git a/src/or/torcert.c b/src/or/torcert.c
index 658e620ca..69b157446 100644
--- a/src/or/torcert.c
+++ b/src/or/torcert.c
@@ -393,7 +393,7 @@ rsa_ed25519_crosscert_check(const uint8_t *crosscert,
   }
 
   const uint32_t expiration_date = rsa_ed_crosscert_get_expiration(cc);
-  const uint64_t expiration_time = expiration_date * 3600;
+  const uint64_t expiration_time = ((uint64_t)expiration_date) * 3600;
 
   if (reject_if_expired_before < 0 ||
       expiration_time < (uint64_t)reject_if_expired_before) {