From: Krzysztof Jackiewicz Date: Fri, 13 Sep 2013 13:04:01 +0000 (+0200) Subject: Password validity argument check added X-Git-Tag: submit/tizen/20140307.131547~68 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fc46bb3f71a6d65300ad2876b71ecd7d286f301c;p=platform%2Fcore%2Fsecurity%2Fsecurity-server.git Password validity argument check added [Issue#] N/A [Feature/Bug] N/A [Problem] tc10_security_server_set_pwd_current_pwd_max_valid_period_in_days fails [Cause] Password validity argument was not checked [Solution] Check added [Verification] Run security-server-tests-password. All should pass. Change-Id: I564ec3fcfa905c8b3ed9af620f67dec47f86fc87
---
diff --git a/src/server/security-server-password.c b/src/server/security-server-password.c
index 087e12f..a8fa836 100644
--- a/src/server/security-server-password.c
+++ b/src/server/security-server-password.c
@@ -31,6 +31,7 @@
 #include
 #include
 #include
+#include
 #include "security-server-password.h"
@@ -946,7 +947,24 @@ int process_set_pwd_request(int sockfd)
 if (valid_days == 0)
 expire_time = 0;
 else
- expire_time = time(NULL) + (valid_days * 86400);
+ {
+ time_t t = time(NULL );
+ unsigned int valid_days_max = (UINT_MAX - t) / 86400;
+ if (valid_days > valid_days_max)
+ {
+ SECURE_SLOGE("%s",
+ "Server: Max password validity exceeded (%d>%d)", valid_days, valid_days_max);
+ retval = send_generic_response(sockfd,
+ SECURITY_SERVER_MSG_TYPE_SET_PWD_RESPONSE,
+ SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
+ if (retval != SECURITY_SERVER_SUCCESS)
+ {
+ SEC_SVR_ERR("Server ERROR: Cannot send generic response: %d", retval);
+ }
+ goto error;
+ }
+ expire_time = t + (valid_days * 86400);
+ }
 /* set new password */
 retval = set_password(hashed_new_pw, received_attempts, expire_time);
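Review bot: The new SECURE_SLOGE call passes `"%s"` as its format, so the text `"Server: Max password validity exceeded (%d>%d)"` is logged literally and `valid_days` and `valid_days_max` are never printed, assuming the macro is printf-style; the rejected value is what someone triaging a bad request would want in the log. Make the message the format and use an unsigned conversion: `SECURE_SLOGE("Server: Max password validity exceeded (%u>%u)", valid_days, valid_days_max);` (the declaration of `valid_days` is outside the hunk, so match its type). Also, `retval` is overwritten with the result of `send_generic_response()` before `goto error`; the `error:` label is not visible here, so confirm that process_set_pwd_request does not return success for a rejected request. The bound `(UINT_MAX - t) / 86400` only matches the computation if `expire_time` is an `unsigned int`, whose declaration is likewise outside the hunk.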