Plug leaks in ASN1_TIME_set_string_internal()

This API can be called with s == NULL, in which case the tm_to_*()
functions helpfully allocate a new s and then leak. This is a rather
ugly fix to make portable ASAN regress happy again, the better fix
will be to rewrite the tm_to_*() functions and adjust their callers.
That is more intrusive and will be done in a later pass.

ok bcook jsing

diff --git a/lib/libcrypto/asn1/a_time_tm.c b/lib/libcrypto/asn1/a_time_tm.c
index c8eabec..16b9df2 100644 (file)
--- a/lib/libcrypto/asn1/a_time_tm.c
+++ b/lib/libcrypto/asn1/a_time_tm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_time_tm.c,v 1.34 2024/04/08 19:57:40 beck Exp $ */
+/* $OpenBSD: a_time_tm.c,v 1.35 2024/04/09 13:56:00 tb Exp $ */
 /*
  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
  *
@@ -344,21 +344,32 @@ ASN1_time_parse(const char *bytes, size_t len, struct tm *tm, int mode)
 static int
 ASN1_TIME_set_string_internal(ASN1_TIME *s, const char *str, int mode)
 {
+       ASN1_TIME *atime = s;
        struct tm tm;
        int type;
+       int ret = 0;
 
        if ((type = ASN1_time_parse(str, strlen(str), &tm, mode)) == -1)
                return (0);
-       switch(mode) {
+       switch (mode) {
        case V_ASN1_UTCTIME:
-               return (type == mode && tm_to_utctime(&tm, s) != NULL);
+               ret = (type == mode && (atime = tm_to_utctime(&tm, s)) != NULL);
+               break;
        case V_ASN1_GENERALIZEDTIME:
-               return (type == mode && tm_to_gentime(&tm, s) != NULL);
+               ret = (type == mode && (atime = tm_to_gentime(&tm, s)) != NULL);
+               break;
        case RFC5280:
-               return (tm_to_rfc5280_time(&tm, s) != NULL);
+               ret = ((atime = tm_to_rfc5280_time(&tm, s)) != NULL);
+               break;
        default:
-               return (0);
+               ret = 0;
+               break;
        }
+
+       if (atime != s)
+               ASN1_TIME_free(atime);
+
+       return ret;
 }
 
 static ASN1_TIME *