diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-08-12 10:11:09 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-08-17 17:57:15 +0200 |
commit | 524fdd515569e12047ddb29ba4c7f19706aacc98 (patch) | |
tree | 1b14f078d4774b9f803fe486b4ea044d668cfd74 /crypto/pkcs12 | |
parent | When building a tarball, avoid trying to copy submodules (diff) | |
download | openssl-524fdd515569e12047ddb29ba4c7f19706aacc98.tar.xz openssl-524fdd515569e12047ddb29ba4c7f19706aacc98.zip |
Clear outputs in PKCS12_parse error handling.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4145)
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r-- | crypto/pkcs12/p12_kiss.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c index 62f5d1ec17..7ab98385a7 100644 --- a/crypto/pkcs12/p12_kiss.c +++ b/crypto/pkcs12/p12_kiss.c @@ -34,6 +34,12 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, { STACK_OF(X509) *ocerts = NULL; X509 *x = NULL; + + if (pkey) + *pkey = NULL; + if (cert) + *cert = NULL; + /* Check for NULL PKCS12 structure */ if (!p12) { @@ -42,11 +48,6 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, return 0; } - if (pkey) - *pkey = NULL; - if (cert) - *cert = NULL; - /* Check the mac */ /* @@ -75,7 +76,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, if (!ocerts) { PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE); - return 0; + goto err; } if (!parse_pk12(p12, pass, -1, pkey, ocerts)) { @@ -111,10 +112,14 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, err: - if (pkey) + if (pkey) { EVP_PKEY_free(*pkey); - if (cert) + *pkey = NULL; + } + if (cert) { X509_free(*cert); + *cert = NULL; + } X509_free(x); sk_X509_pop_free(ocerts, X509_free); return 0; |