Trace of issue reported by Infer on openssl-1.0.1h apps/ca.c:2780: error: NULL_DEREFERENCE pointer `revtm` last assigned on line 2778 could be null and is dereferenced at line 2780, column 6 Showing all 61 steps of the trace apps/ca.c:2715:1: start of procedure make_revocation_str() 2713. */ 2714. 2715. > char *make_revocation_str(int rev_type, char *rev_arg) 2716. { 2717. char *other = NULL, *str; apps/ca.c:2717:2: 2715. char *make_revocation_str(int rev_type, char *rev_arg) 2716. { 2717. > char *other = NULL, *str; 2718. const char *reason = NULL; 2719. ASN1_OBJECT *otmp; apps/ca.c:2718:2: 2716. { 2717. char *other = NULL, *str; 2718. > const char *reason = NULL; 2719. ASN1_OBJECT *otmp; 2720. ASN1_UTCTIME *revtm = NULL; apps/ca.c:2720:2: 2718. const char *reason = NULL; 2719. ASN1_OBJECT *otmp; 2720. > ASN1_UTCTIME *revtm = NULL; 2721. int i; 2722. switch (rev_type) apps/ca.c:2722:2: 2720. ASN1_UTCTIME *revtm = NULL; 2721. int i; 2722. > switch (rev_type) 2723. { 2724. case REV_NONE: apps/ca.c:2724:2: Condition is false 2722. switch (rev_type) 2723. { 2724. case REV_NONE: ^ 2725. break; 2726. apps/ca.c:2727:2: Condition is false 2725. break; 2726. 2727. case REV_CRL_REASON: ^ 2728. for (i = 0; i < 8; i++) 2729. { apps/ca.c:2743:2: Condition is false 2741. break; 2742. 2743. case REV_HOLD: ^ 2744. /* Argument is an OID */ 2745. apps/ca.c:2759:2: Condition is true 2757. break; 2758. 2759. case REV_KEY_COMPROMISE: ^ 2760. case REV_CA_COMPROMISE: 2761. apps/ca.c:2763:8: 2761. 2762. /* Argument is the key compromise time */ 2763. > if (!ASN1_GENERALIZEDTIME_set_string(NULL, rev_arg)) 2764. { 2765. BIO_printf(bio_err, "Invalid time format %s. Need YYYYMMDDHHMMSSZ\n", rev_arg); crypto/asn1/a_gentm.c:189:1: start of procedure ASN1_GENERALIZEDTIME_set_string() 187. } 188. 189. > int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) 190. { 191. ASN1_GENERALIZEDTIME t; crypto/asn1/a_gentm.c:193:2: 191. ASN1_GENERALIZEDTIME t; 192. 193. > t.type=V_ASN1_GENERALIZEDTIME; 194. t.length=strlen(str); 195. t.data=(unsigned char *)str; crypto/asn1/a_gentm.c:194:2: 192. 193. t.type=V_ASN1_GENERALIZEDTIME; 194. > t.length=strlen(str); 195. t.data=(unsigned char *)str; 196. if (ASN1_GENERALIZEDTIME_check(&t)) crypto/asn1/a_gentm.c:195:2: 193. t.type=V_ASN1_GENERALIZEDTIME; 194. t.length=strlen(str); 195. > t.data=(unsigned char *)str; 196. if (ASN1_GENERALIZEDTIME_check(&t)) 197. { crypto/asn1/a_gentm.c:196:6: Condition is true 194. t.length=strlen(str); 195. t.data=(unsigned char *)str; 196. if (ASN1_GENERALIZEDTIME_check(&t)) ^ 197. { 198. if (s != NULL) crypto/asn1/a_gentm.c:198:7: Condition is false 196. if (ASN1_GENERALIZEDTIME_check(&t)) 197. { 198. if (s != NULL) ^ 199. { 200. if (!ASN1_STRING_set((ASN1_STRING *)s, crypto/asn1/a_gentm.c:205:3: 203. s->type=V_ASN1_GENERALIZEDTIME; 204. } 205. > return(1); 206. } 207. else crypto/asn1/a_gentm.c:209:2: return from a call to ASN1_GENERALIZEDTIME_set_string 207. else 208. return(0); 209. } ^ 210. 211. ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, apps/ca.c:2763:8: Condition is true 2761. 2762. /* Argument is the key compromise time */ 2763. if (!ASN1_GENERALIZEDTIME_set_string(NULL, rev_arg)) ^ 2764. { 2765. BIO_printf(bio_err, "Invalid time format %s. Need YYYYMMDDHHMMSSZ\n", rev_arg); apps/ca.c:2763:7: Condition is false 2761. 2762. /* Argument is the key compromise time */ 2763. if (!ASN1_GENERALIZEDTIME_set_string(NULL, rev_arg)) ^ 2764. { 2765. BIO_printf(bio_err, "Invalid time format %s. Need YYYYMMDDHHMMSSZ\n", rev_arg); apps/ca.c:2768:3: 2766. return NULL; 2767. } 2768. > other = rev_arg; 2769. if (rev_type == REV_KEY_COMPROMISE) 2770. reason = "keyTime"; apps/ca.c:2769:7: Condition is true 2767. } 2768. other = rev_arg; 2769. if (rev_type == REV_KEY_COMPROMISE) ^ 2770. reason = "keyTime"; 2771. else apps/ca.c:2770:4: 2768. other = rev_arg; 2769. if (rev_type == REV_KEY_COMPROMISE) 2770. > reason = "keyTime"; 2771. else 2772. reason = "CAkeyTime"; apps/ca.c:2778:2: 2776. } 2777. 2778. > revtm = X509_gmtime_adj(NULL, 0); 2779. 2780. i = revtm->length + 1; crypto/x509/x509_vfy.c:1760:1: start of procedure X509_gmtime_adj() 1758. } 1759. 1760. > ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) 1761. { 1762. return X509_time_adj(s, adj, NULL); crypto/x509/x509_vfy.c:1762:2: 1760. ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) 1761. { 1762. > return X509_time_adj(s, adj, NULL); 1763. } 1764. crypto/x509/x509_vfy.c:1765:1: start of procedure X509_time_adj() 1763. } 1764. 1765. > ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm) 1766. { 1767. return X509_time_adj_ex(s, 0, offset_sec, in_tm); crypto/x509/x509_vfy.c:1767:2: 1765. ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm) 1766. { 1767. > return X509_time_adj_ex(s, 0, offset_sec, in_tm); 1768. } 1769. crypto/x509/x509_vfy.c:1770:1: start of procedure X509_time_adj_ex() 1768. } 1769. 1770. > ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, 1771. int offset_day, long offset_sec, time_t *in_tm) 1772. { crypto/x509/x509_vfy.c:1775:6: Condition is false 1773. time_t t; 1774. 1775. if (in_tm) t = *in_tm; ^ 1776. else time(&t); 1777. crypto/x509/x509_vfy.c:1776:7: 1774. 1775. if (in_tm) t = *in_tm; 1776. > else time(&t); 1777. 1778. if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) crypto/x509/x509_vfy.c:1778:6: Condition is false 1776. else time(&t); 1777. 1778. if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) ^ 1779. { 1780. if (s->type == V_ASN1_UTCTIME) crypto/x509/x509_vfy.c:1786:2: 1784. offset_sec); 1785. } 1786. > return ASN1_TIME_adj(s, t, offset_day, offset_sec); 1787. } 1788. crypto/asn1/a_time.c:106:1: start of procedure ASN1_TIME_adj() 104. } 105. 106. > ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, 107. int offset_day, long offset_sec) 108. { crypto/asn1/a_time.c:112:2: 110. struct tm data; 111. 112. > ts=OPENSSL_gmtime(&t,&data); 113. if (ts == NULL) 114. { crypto/o_time.c:81:1: start of procedure OPENSSL_gmtime() 79. #endif 80. 81. > struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) 82. { 83. struct tm *ts = NULL; crypto/o_time.c:83:2: 81. struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) 82. { 83. > struct tm *ts = NULL; 84. 85. #if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS) crypto/o_time.c:91:2: 89. ts = result; 90. #elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK) 91. > ts = gmtime(timer); 92. if (ts == NULL) 93. return NULL; crypto/o_time.c:92:6: Condition is true 90. #elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK) 91. ts = gmtime(timer); 92. if (ts == NULL) ^ 93. return NULL; 94. crypto/o_time.c:93:3: 91. ts = gmtime(timer); 92. if (ts == NULL) 93. > return NULL; 94. 95. memcpy(result, ts, sizeof(struct tm)); crypto/o_time.c:226:2: return from a call to OPENSSL_gmtime 224. #endif 225. return ts; 226. } ^ 227. 228. /* Take a tm structure and add an offset to it. This avoids any OS issues crypto/asn1/a_time.c:113:6: Condition is true 111. 112. ts=OPENSSL_gmtime(&t,&data); 113. if (ts == NULL) ^ 114. { 115. ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); crypto/asn1/a_time.c:115:3: 113. if (ts == NULL) 114. { 115. > ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); 116. return NULL; 117. } crypto/err/err.c:706:1: start of procedure ERR_put_error() 704. /********************************************************/ 705. 706. > void ERR_put_error(int lib, int func, int reason, const char *file, 707. int line) 708. { crypto/err/err.c:730:2: Skipped call: function or method not found 728. } 729. #endif 730. es=ERR_get_state(); ^ 731. 732. es->top=(es->top+1)%ERR_NUM_ERRORS; crypto/err/err.c:732:2: 730. es=ERR_get_state(); 731. 732. > es->top=(es->top+1)%ERR_NUM_ERRORS; 733. if (es->top == es->bottom) 734. es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; crypto/err/err.c:733:6: Condition is false 731. 732. es->top=(es->top+1)%ERR_NUM_ERRORS; 733. if (es->top == es->bottom) ^ 734. es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; 735. es->err_flags[es->top]=0; crypto/err/err.c:735:2: 733. if (es->top == es->bottom) 734. es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; 735. > es->err_flags[es->top]=0; 736. es->err_buffer[es->top]=ERR_PACK(lib,func,reason); 737. es->err_file[es->top]=file; crypto/err/err.c:736:2: 734. es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; 735. es->err_flags[es->top]=0; 736. > es->err_buffer[es->top]=ERR_PACK(lib,func,reason); 737. es->err_file[es->top]=file; 738. es->err_line[es->top]=line; crypto/err/err.c:737:2: 735. es->err_flags[es->top]=0; 736. es->err_buffer[es->top]=ERR_PACK(lib,func,reason); 737. > es->err_file[es->top]=file; 738. es->err_line[es->top]=line; 739. err_clear_data(es,es->top); crypto/err/err.c:738:2: 736. es->err_buffer[es->top]=ERR_PACK(lib,func,reason); 737. es->err_file[es->top]=file; 738. > es->err_line[es->top]=line; 739. err_clear_data(es,es->top); 740. } crypto/err/err.c:739:2: Condition is true 737. es->err_file[es->top]=file; 738. es->err_line[es->top]=line; 739. err_clear_data(es,es->top); ^ 740. } 741. crypto/err/err.c:739:2: Condition is false 737. es->err_file[es->top]=file; 738. es->err_line[es->top]=line; 739. err_clear_data(es,es->top); ^ 740. } 741. crypto/err/err.c:739:2: Condition is false 737. es->err_file[es->top]=file; 738. es->err_line[es->top]=line; 739. err_clear_data(es,es->top); ^ 740. } 741. crypto/err/err.c:740:2: return from a call to ERR_put_error 738. es->err_line[es->top]=line; 739. err_clear_data(es,es->top); 740. } ^ 741. 742. void ERR_clear_error(void) crypto/asn1/a_time.c:116:3: 114. { 115. ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); 116. > return NULL; 117. } 118. if (offset_day || offset_sec) crypto/asn1/a_time.c:126:2: return from a call to ASN1_TIME_adj 124. return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec); 125. return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec); 126. } ^ 127. 128. int ASN1_TIME_check(ASN1_TIME *t) crypto/x509/x509_vfy.c:1787:2: return from a call to X509_time_adj_ex 1785. } 1786. return ASN1_TIME_adj(s, t, offset_day, offset_sec); 1787. } ^ 1788. 1789. int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) crypto/x509/x509_vfy.c:1768:2: return from a call to X509_time_adj 1766. { 1767. return X509_time_adj_ex(s, 0, offset_sec, in_tm); 1768. } ^ 1769. 1770. ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, crypto/x509/x509_vfy.c:1763:1: return from a call to X509_gmtime_adj 1761. { 1762. return X509_time_adj(s, adj, NULL); 1763. > } 1764. 1765. ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm) apps/ca.c:2780:2: 2778. revtm = X509_gmtime_adj(NULL, 0); 2779. 2780. > i = revtm->length + 1; 2781. 2782. if (reason) i += strlen(reason) + 1;