Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: epoch time overflow in stdnse.lua triggered by ssl-cert.nse due to long livecertificates

From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 21 May 2014 10:09:13 -0500
Andreas,

I believe that I have addressed this issue in r32871 and r32872 by skipping
the conversion to a 32-bit timestamp before formatting. Here are the
changes as a patch, if that helps:

diff --git a/nselib/stdnse.lua b/nselib/stdnse.lua
index 32acc88..7e085d6 100644
--- a/nselib/stdnse.lua
+++ b/nselib/stdnse.lua
@@ -446,9 +446,16 @@ end
 -- This function should be used for all dates emitted as part of NSE
structured
 -- output.
 function format_timestamp(t, offset)
-  local tz_string = format_tz(offset)
-  offset = offset or 0
-  return os.date("!%Y-%m-%dT%H:%M:%S", t + offset) .. tz_string
+  if type(t) == "table" then
+    return string.format(
+      "%d-%02d-%02dT%02d:%02d:%02d",
+      t.year, t.month, t.day, t.hour, t.min, t.sec
+      )
+  else
+    local tz_string = format_tz(offset)
+    offset = offset or 0
+    return os.date("!%Y-%m-%dT%H:%M:%S", t + offset) .. tz_string
+  end
 end

 --- Format the difference between times <code>t2</code> and <code>t1</code>
diff --git a/scripts/ssl-cert.nse b/scripts/ssl-cert.nse
index 0f0114f..2e766c9 100644
--- a/scripts/ssl-cert.nse
+++ b/scripts/ssl-cert.nse
@@ -137,7 +137,7 @@ function date_to_string(date)
   if type(date) == "string" then
     return string.format("Can't parse; string is \"%s\"", date)
   else
-    return stdnse.format_timestamp(stdnse.date_to_timestamp(date, 0), 0)
+    return stdnse.format_timestamp(date)
   end
 end

@@ -193,7 +193,7 @@ local function output_tab(cert)
     if type(v)=="string" then
       o.validity[k] = v
     else
-      o.validity[k] = stdnse.format_timestamp(stdnse.date_to_timestamp(v,
0), 0)
+      o.validity[k] = stdnse.format_timestamp(v)
     end
   end
   o.md5 = stdnse.tohex(cert:digest("md5"))

Dan



On Tue, Apr 22, 2014 at 2:22 AM, <andreas () bunten de> wrote:


Hi,

I got quite a few of these errors while scanning and using ssl-cert NSE
script:

| NSE: ssl-cert against xx.x.xx.xx:8443 threw an error!
| /usr/local/bin/../share/nmap/nselib/stdnse.lua:408: attempt to
|   perform arithmetic on a nil value
| stack traceback:
|   /usr/local/bin/../share/nmap/nselib/stdnse.lua:408:
|     in function 'date_to_timestamp'
|   /usr/local/bin/../share/nmap/scripts/ssl-cert.nse:196:
|     in function 'output_tab'
|   /usr/local/bin/../share/nmap/scripts/ssl-cert.nse:241:
|     in function </usr/local/bin/../share/nmap/scripts/ssl-cert.nse:235>
|   (...tail calls...)

from nmap/nselib/stdnse.lua ->

| function date_to_timestamp(date, offset)
|   offset = offset or 0
|   return os.time(date) + utc_offset(os.time(date)) - offset  <--- line
408
| end

The certificate just scanned was issued 2014-03-25 and is valid until
2044-03-17. I guess anything beyond 2038-01-19 is problematic.

Is there an easy fix?

Regards
Andreas
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: