Project

General

Profile

Actions

Feature #3065

open

tls_cert_XX keywords date format parsing error

Added by Min-Gyu Jeon about 6 years ago. Updated 2 days ago.

Status:
Assigned
Priority:
Normal
Target version:
Effort:
low
Difficulty:
low
Label:

Description

Summary

  • For tls_cert_XXX keywords, the "YYYY" date format is not supported.

Details

  • Cause
    • detect-tls-cert-validity.c : DateStringToEpoch()
      In this function, the YYYY format do not exist in the pattern list.
      Furthermore, since integer values are converted ahead of pattern checking,
      patterns like YYYY are converted to time_t and do not throw error.
    • ex) tls_cert_notafter:<2019
      => epoch = 2019 (if was intended, should be a time_t value of year 2019)
  • How to Fix
    • Add the YYYY format to the pattern list
    • remove/move the integer convertion section
Actions #1

Updated by Andreas Herz about 6 years ago

  • Target version changed from 5.0beta1 to TBD

Are you willing to submit a PR for that?

Actions #2

Updated by Min-Gyu Jeon about 6 years ago

  • Sure, I will submit it within this week.
Actions #3

Updated by Andreas Herz about 6 years ago

  • Status changed from New to Assigned

That's great, thank you

Actions #5

Updated by Min-Gyu Jeon about 6 years ago

Min-Gyu Jeon wrote:

on rework due to unittest error

Actions #7

Updated by Philippe Antoine 4 days ago

  • Assignee changed from Min-Gyu Jeon to Philippe Antoine
  • Target version changed from TBD to 9.0.0-beta1
Actions #8

Updated by Philippe Antoine 2 days ago

  • Tracker changed from Bug to Feature
  • Affected Versions deleted (4.1.4)
Actions

Also available in: Atom PDF