summaryrefslogtreecommitdiffstats
path: root/crypto/pkcs12
diff options
context:
space:
mode:
authorBernd Edlinger <bernd.edlinger@hotmail.de>2017-08-12 10:11:09 +0200
committerBernd Edlinger <bernd.edlinger@hotmail.de>2017-08-17 17:57:15 +0200
commit524fdd515569e12047ddb29ba4c7f19706aacc98 (patch)
tree1b14f078d4774b9f803fe486b4ea044d668cfd74 /crypto/pkcs12
parentWhen building a tarball, avoid trying to copy submodules (diff)
downloadopenssl-524fdd515569e12047ddb29ba4c7f19706aacc98.tar.xz
openssl-524fdd515569e12047ddb29ba4c7f19706aacc98.zip
Clear outputs in PKCS12_parse error handling.
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4145)
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r--crypto/pkcs12/p12_kiss.c21
1 files changed, 13 insertions, 8 deletions
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 62f5d1ec17..7ab98385a7 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -34,6 +34,12 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
{
STACK_OF(X509) *ocerts = NULL;
X509 *x = NULL;
+
+ if (pkey)
+ *pkey = NULL;
+ if (cert)
+ *cert = NULL;
+
/* Check for NULL PKCS12 structure */
if (!p12) {
@@ -42,11 +48,6 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
return 0;
}
- if (pkey)
- *pkey = NULL;
- if (cert)
- *cert = NULL;
-
/* Check the mac */
/*
@@ -75,7 +76,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
if (!ocerts) {
PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
@@ -111,10 +112,14 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
err:
- if (pkey)
+ if (pkey) {
EVP_PKEY_free(*pkey);
- if (cert)
+ *pkey = NULL;
+ }
+ if (cert) {
X509_free(*cert);
+ *cert = NULL;
+ }
X509_free(x);
sk_X509_pop_free(ocerts, X509_free);
return 0;