Commit 8eff5122 authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard
Browse files

Fix possible signedness issue in time comparison

parent 0849a0a9
...@@ -387,11 +387,16 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, ...@@ -387,11 +387,16 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
goto cleanup; goto cleanup;
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
/* Check if still valid */
if( ( time( NULL) - session->start ) > ctx->ticket_lifetime )
{ {
ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; /* Check for expiration */
goto cleanup; time_t current_time = time( NULL );
if( current_time < session->start ||
(uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )
{
ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
goto cleanup;
}
} }
#endif #endif
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment