Fix potential memory leak in ASN1_TIME_to_generalizedtime() (cdfb7809) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/asn1/a_time.c

+15 −6

Original line number	Diff line number	Diff line
		@@ -137,7 +137,7 @@ int ASN1_TIME_check(ASN1_TIME *t)
		ASN1_GENERALIZEDTIME ASN1_TIME_to_generalizedtime(ASN1_TIME t,
		ASN1_GENERALIZEDTIME **out)
		{
		ASN1_GENERALIZEDTIME *ret;
		ASN1_GENERALIZEDTIME *ret = NULL;
		char *str;
		int newlen;

		@@ -146,7 +146,7 @@ ASN1_GENERALIZEDTIME ASN1_TIME_to_generalizedtime(ASN1_TIME t,

		if (!out \|\| !*out) {
		if (!(ret = ASN1_GENERALIZEDTIME_new()))
		return NULL;
		goto err;
		if (out)
		*out = ret;
		} else
		@@ -155,13 +155,13 @@ ASN1_GENERALIZEDTIME ASN1_TIME_to_generalizedtime(ASN1_TIME t,
		/* If already GeneralizedTime just copy across */
		if (t->type == V_ASN1_GENERALIZEDTIME) {
		if (!ASN1_STRING_set(ret, t->data, t->length))
		return NULL;
		return ret;
		goto err;
		goto done;
		}

		/* grow the string */
		if (!ASN1_STRING_set(ret, NULL, t->length + 2))
		return NULL;
		goto err;
		/* ASN1_STRING_set() allocated 'len + 1' bytes. */
		newlen = t->length + 2 + 1;
		str = (char *)ret->data;
		@@ -173,9 +173,18 @@ ASN1_GENERALIZEDTIME ASN1_TIME_to_generalizedtime(ASN1_TIME t,

		BUF_strlcat(str, (char *)t->data, newlen);

		done:
		if (out != NULL && *out == NULL)
		*out = ret;
		return ret;

		err:
		if (out == NULL \|\| *out != ret)
		ASN1_GENERALIZEDTIME_free(ret);
		return NULL;
		}


		int ASN1_TIME_set_string(ASN1_TIME s, const char str)
		{
		ASN1_TIME t;