mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-04-12 16:06:42 +02:00
132a89eb0d
Fix a test failure on 32-bit arches.
```
=== RUN TestParseInvalidExpiry
expiry_test.go:138: Invalid expiry '2147483647 days' did not have
expected value (wanted: 2017-01-01 00:00:00 +0000 UTC, got:
-5877594-06-22 00:00:00 +0000 UTC)
--- FAIL: TestParseInvalidExpiry (0.00s)
=== RUN TestRevokeCmd
--- PASS: TestRevokeCmd (2.58s)
FAIL
FAIL github.com/square/certstrap/cmd 2.592s
```
20 lines
1 KiB
Diff
20 lines
1 KiB
Diff
`time.AddDate()` returns a negative value on 32-bit arches in the '2147483647
|
|
days' TestParseInvalidExpiry test case. `parseExpiry()` already checks for
|
|
large positive year values, but has no lower bound. For checks, years should
|
|
not be negative values — set a minimum value to return the correct error
|
|
message.
|
|
--- a/cmd/expiry.go
|
|
+++ b/cmd/expiry.go
|
|
@@ -51,8 +51,10 @@
|
|
|
|
// ASN.1 (encoding format used by SSL) only supports up to year 9999
|
|
// https://www.openssl.org/docs/man1.1.0/crypto/ASN1_TIME_check.html
|
|
- if result.Year() > 9999 {
|
|
- return now, fmt.Errorf("proposed date too far in to the future: %s. Expiry year must be less than or equal to 9999", result)
|
|
+ // Additionally set a minimum value to avoid integer overflow on AddDate
|
|
+ // https://github.com/golang/go/issues/20678
|
|
+ if result.Year() >= 9999 || result.Year() <= 0 {
|
|
+ return now, fmt.Errorf("proposed date too far in to the future: %s. Expiry year must be greater than or equal to 0 and less than or equal to 9999", result)
|
|
}
|
|
|
|
return result, nil
|