Commit 7f015c909e for openssl.org

commit 7f015c909ee3480a59d4fe828c3da22c7a55a2f4
Author: Joshua Rogers <MegaManSec@users.noreply.github.com>
Date:   Sat Oct 11 20:40:13 2025 +0800

    asn1: clear error mark on success in asn1_d2i_read_bio

    Balance ERR_set_mark by calling ERR_clear_last_mark on the success path.
    Prevents a stale mark from skewing later error handling.

    Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>

    Reviewed-by: Matt Caswell <matt@openssl.org>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/28882)

diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
index df86d8b3fe..95c1b884c1 100644
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -171,6 +171,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
             if (e != ASN1_R_TOO_LONG)
                 goto err;
             ERR_pop_to_mark();
+            ERR_set_mark();
         }
         off += q - p;               /* end of data */

@@ -251,6 +252,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
     }

     *pb = b;
+    ERR_clear_last_mark();
     return (int)off;
  err:
     ERR_clear_last_mark();