diff options
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_enc.c | 2 | ||||
-rw-r--r-- | crypto/cms/cms_pwri.c | 3 | ||||
-rw-r--r-- | crypto/cms/cms_sd.c | 2 | ||||
-rw-r--r-- | crypto/cms/cms_smime.c | 2 |
4 files changed, 7 insertions, 2 deletions
diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c index 85ae928..b14b4b6 100644 --- a/crypto/cms/cms_enc.c +++ b/crypto/cms/cms_enc.c @@ -195,7 +195,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) ok = 1; err: - if (ec->key && !keep_key) { + if (ec->key && (!keep_key || !ok)) { OPENSSL_cleanse(ec->key, ec->keylen); OPENSSL_free(ec->key); ec->key = NULL; diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index a8322dc..b91c016 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -121,6 +121,9 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, /* Setup algorithm identifier for cipher */ encalg = X509_ALGOR_new(); + if (encalg == NULL) { + goto merr; + } EVP_CIPHER_CTX_init(&ctx); if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) { diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 721ffd5..a41aca8 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -857,6 +857,8 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain) } else { const EVP_MD *md = EVP_MD_CTX_md(&mctx); pkctx = EVP_PKEY_CTX_new(si->pkey, NULL); + if (pkctx == NULL) + goto err; if (EVP_PKEY_verify_init(pkctx) <= 0) goto err; if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0) diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index 5522a37..07e3472 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -754,7 +754,7 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags) BIO *cmsbio; int ret = 0; if (!(cmsbio = CMS_dataInit(cms, dcont))) { - CMSerr(CMS_F_CMS_FINAL, ERR_R_MALLOC_FAILURE); + CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_LIB); return 0; } |