Hi,
I am having an issue where the user uploads a certificate with validity period of 25 years which turns out to be year 2045. But the expiry date value wraps around due to overflow and the final time generated is year 1908. Time value is represented as number of seconds since the start of the Unix epoch. This happens when certificates are listed in GUI by fetching the properties using Redfish (https://github.com/openbmc/bmcweb/blob/master/redfish-core/lib/certificate_service.hpp#L659)
As time_t data structure is defined as int32 it can hold up to a maximum value of 2147483647 which covers certificate validity up to 2038.
Any certificate which is uploaded with expiry year greater than 2038, the seconds value in time_t wraps around and will generate a negative value, which when used expiry date value will be less than 1970.
Example:
Mar 10 15:03:49 w5 bmcweb[170]: bmcweb not after 2366947077
Mar 10 15:03:49 w5 bmcweb[170]: bmcweb not after 1908-11-26T22:49:41+00:00
Probable solutions
1) Do nothing as the chances of uploading a certificate with expiry date > 18 chances never happen
2) Return error to the caller if the expirty date is greater than 2038.
Would like community feedback on this