From 2c91b3f5bf01de198ca45d49fcba3d6c24e8c7f6 Mon Sep 17 00:00:00 2001 From: J Mohan Rao Arisankala Date: Tue, 23 Feb 2016 22:33:28 +0530 Subject: [PATCH] Check method before access and release ctx in error paths - In error paths, EVP_MD_CTX allocated by the callee is not released. - Checking method before accessing Reviewed-by: Matt Caswell Reviewed-by: Rich Salz --- crypto/asn1/a_sign.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 99124c1bed..6e6f497880 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -245,7 +245,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, if (!type || !pkey) { ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); - return 0; + goto err; + } + + if (!pkey->ameth) { + ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + goto err; } if (pkey->ameth->item_sign) { @@ -267,13 +272,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, rv = 2; if (rv == 2) { - if (!pkey->ameth || - !OBJ_find_sigid_by_algs(&signid, + if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type), pkey->ameth->pkey_id)) { ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); - return 0; + goto err; } if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)