Project

General

Profile

Actions

Bug #3065

open

tls_cert_XX keywords date format parsing error

Added by Min-Gyu Jeon over 4 years ago. Updated over 4 years ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
low
Difficulty:
low
Label:

Description

Summary

  • For tls_cert_XXX keywords, the "YYYY" date format is not supported.

Details

  • Cause
    • detect-tls-cert-validity.c : DateStringToEpoch()
      In this function, the YYYY format do not exist in the pattern list.
      Furthermore, since integer values are converted ahead of pattern checking,
      patterns like YYYY are converted to time_t and do not throw error.
    • ex) tls_cert_notafter:<2019
      => epoch = 2019 (if was intended, should be a time_t value of year 2019)
  • How to Fix
    • Add the YYYY format to the pattern list
    • remove/move the integer convertion section
Actions #1

Updated by Andreas Herz over 4 years ago

  • Target version changed from 5.0beta1 to TBD

Are you willing to submit a PR for that?

Actions #2

Updated by Min-Gyu Jeon over 4 years ago

  • Sure, I will submit it within this week.
Actions #3

Updated by Andreas Herz over 4 years ago

  • Status changed from New to Assigned

That's great, thank you

Actions #5

Updated by Min-Gyu Jeon over 4 years ago

Min-Gyu Jeon wrote:

on rework due to unittest error

Actions

Also available in: Atom PDF