From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Date: Wed, 15 Jun 2022 08:07:12 +0000 (+0800)
Subject: crypto/asn1/a_time.c: Add check for OPENSSL_malloc
X-Git-Tag: openssl-3.2.0-alpha1~2515
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8547cd6790881cbba0f20aa4ce048243065a24bf;p=thirdparty%2Fopenssl.git

crypto/asn1/a_time.c: Add check for OPENSSL_malloc

As the potential failure of the OPENSSL_malloc(),
timestamp_tm could be NULL and be used in ASN1_TIME_to_tm()
without check.
Therefore, it should be better to check the return value of
OPENSSL_malloc() and return error if fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18575)
---

diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index 4b9a0641fb1..a92cdaa89e4 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -618,7 +618,10 @@ time_t asn1_string_to_time_t(const char *asn1_string)
     }
 
     timestamp_tm = OPENSSL_malloc(sizeof(*timestamp_tm));
-
+    if (timestamp_tm == NULL) {
+        ASN1_TIME_free(timestamp_asn1);
+        return -1;
+    }
     if (!(ASN1_TIME_to_tm(timestamp_asn1, timestamp_tm))) {
         OPENSSL_free(timestamp_tm);
         ASN1_TIME_free(timestamp_asn1);