Invalid test for certlist->signing_time in build_signed_data_attributes in cms.c
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	t8m
	Oct 23 2018, 4:53 PM

Description

The test here:
https://dev.gnupg.org/source/libksba/browse/master/src/cms.c;af99234b21c98ad1a4eaf2b72fb52de67beba9d3$2513

is invalid because the certlist->signing_time is array and thus the test is always true. But probably the check should be for non-empty certlist->signing_time meaning the test should be certlist->signing_time[0] != '\0'

Revisions and Commits

rK libksba
	rKa0bbba1c4928 Fix test for existence of the signing_time

Event Timeline

t8m created this task.Oct 23 2018, 4:53 PM

t8m created this object in space S1 Public.

Thanks. That code is from 2001 and whne I changed to another time representaion in 2003 (due certs with 40 years expiration time) I missed to changed that condition.

• werner added a commit: rKa0bbba1c4928: Fix test for existence of the signing_time.Oct 24 2018, 2:13 AM

Invalid test for certlist->signing_time in build_signed_data_attributes in cms.cClosed, ResolvedPublicActions

Description

Revisions and Commits

Event Timeline

Invalid test for certlist->signing_time in build_signed_data_attributes in cms.c
Closed, ResolvedPublic
Actions