Nmap Development mailing list archives
Re: epoch time overflow in stdnse.lua triggered by ssl-cert.nse due to long livecertificates
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 21 May 2014 10:09:13 -0500
Andreas, I believe that I have addressed this issue in r32871 and r32872 by skipping the conversion to a 32-bit timestamp before formatting. Here are the changes as a patch, if that helps: diff --git a/nselib/stdnse.lua b/nselib/stdnse.lua index 32acc88..7e085d6 100644 --- a/nselib/stdnse.lua +++ b/nselib/stdnse.lua @@ -446,9 +446,16 @@ end -- This function should be used for all dates emitted as part of NSE structured -- output. function format_timestamp(t, offset) - local tz_string = format_tz(offset) - offset = offset or 0 - return os.date("!%Y-%m-%dT%H:%M:%S", t + offset) .. tz_string + if type(t) == "table" then + return string.format( + "%d-%02d-%02dT%02d:%02d:%02d", + t.year, t.month, t.day, t.hour, t.min, t.sec + ) + else + local tz_string = format_tz(offset) + offset = offset or 0 + return os.date("!%Y-%m-%dT%H:%M:%S", t + offset) .. tz_string + end end --- Format the difference between times <code>t2</code> and <code>t1</code> diff --git a/scripts/ssl-cert.nse b/scripts/ssl-cert.nse index 0f0114f..2e766c9 100644 --- a/scripts/ssl-cert.nse +++ b/scripts/ssl-cert.nse @@ -137,7 +137,7 @@ function date_to_string(date) if type(date) == "string" then return string.format("Can't parse; string is \"%s\"", date) else - return stdnse.format_timestamp(stdnse.date_to_timestamp(date, 0), 0) + return stdnse.format_timestamp(date) end end @@ -193,7 +193,7 @@ local function output_tab(cert) if type(v)=="string" then o.validity[k] = v else - o.validity[k] = stdnse.format_timestamp(stdnse.date_to_timestamp(v, 0), 0) + o.validity[k] = stdnse.format_timestamp(v) end end o.md5 = stdnse.tohex(cert:digest("md5")) Dan On Tue, Apr 22, 2014 at 2:22 AM, <andreas () bunten de> wrote:
Hi, I got quite a few of these errors while scanning and using ssl-cert NSE script: | NSE: ssl-cert against xx.x.xx.xx:8443 threw an error! | /usr/local/bin/../share/nmap/nselib/stdnse.lua:408: attempt to | perform arithmetic on a nil value | stack traceback: | /usr/local/bin/../share/nmap/nselib/stdnse.lua:408: | in function 'date_to_timestamp' | /usr/local/bin/../share/nmap/scripts/ssl-cert.nse:196: | in function 'output_tab' | /usr/local/bin/../share/nmap/scripts/ssl-cert.nse:241: | in function </usr/local/bin/../share/nmap/scripts/ssl-cert.nse:235> | (...tail calls...) from nmap/nselib/stdnse.lua -> | function date_to_timestamp(date, offset) | offset = offset or 0 | return os.time(date) + utc_offset(os.time(date)) - offset <--- line 408 | end The certificate just scanned was issued 2014-03-25 and is valid until 2044-03-17. I guess anything beyond 2038-01-19 is problematic. Is there an easy fix? Regards Andreas _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- epoch time overflow in stdnse.lua triggered by ssl-cert.nse due to long livecertificates andreas (Apr 22)
- Re: epoch time overflow in stdnse.lua triggered by ssl-cert.nse due to long livecertificates Daniel Miller (May 21)