[openssl/openssl] 017fd4: add test for provoking integer overflow in ossl_as...

[Paul Dreik]

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 017fd465a4f01323465823a3dcf318553365dfdd
      https://github.com/openssl/openssl/commit/017fd465a4f01323465823a3dcf318553365dfdd
  Author: Paul Dreik <github at pauldreik.se>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M test/asn1_time_test.c

  Log Message:
  -----------
  add test for provoking integer overflow in ossl_asn1_time_from_tm

this needs a sanitized 64 bit time_t build to be detected (or possibly
valgrind, trapv or similar)

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22976)


  Commit: 5b2d8bc28a8ff59689da98f31459819db09a9099
      https://github.com/openssl/openssl/commit/5b2d8bc28a8ff59689da98f31459819db09a9099
  Author: Paul Dreik <github at pauldreik.se>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M crypto/asn1/a_time.c

  Log Message:
  -----------
  prevent integer overflow in ossl_asn1_time_from_tm

this could be triggered by the following code (assuming 64 bit time_t):

time_t t = 67768011791126057ULL;
ASN1_TIME* at = ASN1_TIME_set(NULL, t);

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22976)


Compare: https://github.com/openssl/openssl/compare/c1decd624600...5b2d8bc28a8f