mirror of
https://github.com/QuasarApp/openssl.git
synced 2025-05-13 18:09:39 +00:00
Check method before access and release ctx in error paths
- In error paths, EVP_MD_CTX allocated by the callee is not released. - Checking method before accessing Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
J Mohan Rao Arisankala
Rich Salz
parent
2d51c28ff7
commit
2c91b3f5bf
@ -245,7 +245,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
|
|||||||
|
|
||||||
if (!type || !pkey) {
|
if (!type || !pkey) {
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
|
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
|
||||||
return 0;
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!pkey->ameth) {
|
||||||
|
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
|
||||||
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (pkey->ameth->item_sign) {
|
if (pkey->ameth->item_sign) {
|
||||||
@ -267,13 +272,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
|
|||||||
rv = 2;
|
rv = 2;
|
||||||
|
|
||||||
if (rv == 2) {
|
if (rv == 2) {
|
||||||
if (!pkey->ameth ||
|
if (!OBJ_find_sigid_by_algs(&signid,
|
||||||
!OBJ_find_sigid_by_algs(&signid,
|
|
||||||
EVP_MD_nid(type),
|
EVP_MD_nid(type),
|
||||||
pkey->ameth->pkey_id)) {
|
pkey->ameth->pkey_id)) {
|
||||||
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
|
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
|
||||||
ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
|
ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
|
||||||
return 0;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
|
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user