Intercept a NULL s early in ASN1_TIME_set_string_internal()

If s is NULL, the only thing the tm_to_*() functions do is a check that
a GeneralizedTime has a four digit year (between 0000 and 9999) and a
UTCTime has a year between 1950 and 2050. These checks are already done
in ASN1_TIME_parse() itself: the century is 100 times a two-digit value
(or 19 in the UTCTime case) plus another two-digit value.

ok beck

1 files changed, 6 insertions, 1 deletions

diff --git a/src/lib/libcrypto/asn1/a_time_tm.c b/src/lib/libcrypto/asn1/a_time_tm.c
index d729af5f65..c13b9b5064 100644
--- a/src/lib/libcrypto/asn1/a_time_tm.c
+++ b/src/lib/libcrypto/asn1/a_time_tm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_time_tm.c,v 1.40 2024/05/03 18:22:26 tb Exp $ */
+/* $OpenBSD: a_time_tm.c,v 1.41 2024/05/03 18:29:43 tb Exp $ */
 /*
  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
  *
@@ -325,6 +325,11 @@ ASN1_TIME_set_string_internal(ASN1_TIME *s, const char *str, int mode)
 
         if (ASN1_time_parse(str, strlen(str), &tm, mode) == -1)
                 return 0;
+
+        /* Only check str's format, as documented. */
+        if (s == NULL)
+                return 1;
+
         switch (mode) {
         case V_ASN1_UTCTIME:
                 return tm_to_utctime(&tm, s);