[openssl/openssl] c15a84: add test for provoking integer overflow in ossl_as...

Paul Dreik noreply at github.com
Thu Jan 18 19:59:47 UTC 2024


  Branch: refs/heads/openssl-3.2
  Home:   https://github.com/openssl/openssl
  Commit: c15a844156d9cc373b2f42c58034437a3c45f58c
      https://github.com/openssl/openssl/commit/c15a844156d9cc373b2f42c58034437a3c45f58c
  Author: Paul Dreik <github at pauldreik.se>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M test/asn1_time_test.c

  Log Message:
  -----------
  add test for provoking integer overflow in ossl_asn1_time_from_tm

this needs a sanitized 64 bit time_t build to be detected (or possibly
valgrind, trapv or similar)

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22976)

(cherry picked from commit 017fd465a4f01323465823a3dcf318553365dfdd)


  Commit: 603505f1221713db8269450f90c1e843b3013612
      https://github.com/openssl/openssl/commit/603505f1221713db8269450f90c1e843b3013612
  Author: Paul Dreik <github at pauldreik.se>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M crypto/asn1/a_time.c

  Log Message:
  -----------
  prevent integer overflow in ossl_asn1_time_from_tm

this could be triggered by the following code (assuming 64 bit time_t):

time_t t = 67768011791126057ULL;
ASN1_TIME* at = ASN1_TIME_set(NULL, t);

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22976)

(cherry picked from commit 5b2d8bc28a8ff59689da98f31459819db09a9099)


Compare: https://github.com/openssl/openssl/compare/141365d1b4ab...603505f12217
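
Added example, not OpenSSL code and not part of either commit: a bounds check in front of the `tm_year + 1900` conversion, run against the `time_t` value quoted in the second log message. It assumes the overflowing expression is that conversion (the page does not show the patch); `calendar_year_checked` and `classify_time` are hypothetical names.

```c
#include <limits.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical helper, not an OpenSSL function: turn struct tm's tm_year
 * (years since 1900) into a calendar year. An unguarded tm_year + 1900 is
 * signed overflow (undefined behaviour) once tm_year > INT_MAX - 1900; only
 * a UBSan or -ftrapv build would report it, so test the bound first. */
int calendar_year_checked(const struct tm *ts, int *year_out)
{
    if (ts->tm_year > INT_MAX - 1900)
        return 0;                   /* refuse: the sum does not fit in int */
    *year_out = ts->tm_year + 1900;
    return 1;
}

/* Returns 1 and sets *year_out if t has a representable calendar year,
 * 0 if the guard rejected it, -1 if time_t is too narrow or gmtime failed. */
int classify_time(long long t, int *year_out)
{
    time_t tt = (time_t)t;
    struct tm *ts;

    if ((long long)tt != t)         /* value truncated: time_t is not 64-bit */
        return -1;
    ts = gmtime(&tt);
    if (ts == NULL)
        return -1;
    return calendar_year_checked(ts, year_out);
}

int main(void)
{
    /* First value is a constructed benign input, second is the commit's. */
    const long long samples[] = { 1705607987LL, 67768011791126057LL };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int year = 0;
        int rc = classify_time(samples[i], &year);
        if (rc == 1)
            printf("%lld -> year %d\n", samples[i], year);
        else
            printf("%lld -> rejected (rc=%d)\n", samples[i], rc);
    }
    return 0;
}
```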

