asn1/a_time.c: make handling of 'fractional point' formally correct.

Even though tm->length >= 15 && v[14] == '.' works in practice,
[because "YYYYMMDDHHMMSS." would be rejected as invalid by
asn1_time_to_tm,] formal correctness with respect to buffer
overstep in few lines vicinity improves readability.

[Also fold one if condition and improve expression readability.]

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4058)
This commit is contained in:
Andy Polyakov 2017-07-31 12:34:01 +02:00
parent a9dee23037
commit b7e011f8b6

View file

@ -450,8 +450,7 @@ static const char _asn1_mon[12][4] = {
int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
{
char *v;
char *f = NULL;
int f_len = 0, gmt = 0, l;
int gmt = 0, l;
struct tm stm;
if (!asn1_time_to_tm(&stm, tm)) {
@ -463,28 +462,32 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
v = (char *)tm->data;
if (v[l - 1] == 'Z')
gmt = 1;
if (tm->type == V_ASN1_GENERALIZEDTIME) {
char *f = NULL;
int f_len = 0;
/*
* Try to parse fractional seconds. '14' is the place of
* 'fraction point' in a GeneralizedTime string.
*/
if (tm->type == V_ASN1_GENERALIZEDTIME
&& tm->length >= 15 && v[14] == '.') {
if (tm->length > 15 && v[14] == '.') {
f = &v[14];
f_len = 1;
while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
++f_len;
}
if (tm->type == V_ASN1_GENERALIZEDTIME)
return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
_asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour,
stm.tm_min, stm.tm_sec, f_len, f, stm.tm_year + 1900,
(gmt) ? " GMT" : "") > 0;
else
(gmt ? " GMT" : "")) > 0;
} else {
return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
_asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour,
stm.tm_min, stm.tm_sec, stm.tm_year + 1900,
(gmt) ? " GMT" : "") > 0;
(gmt ? " GMT" : "")) > 0;
}
err:
BIO_write(bp, "Bad time value", 14);
return 0;