Commit 2c91b3f5 authored by J Mohan Rao Arisankala's avatar J Mohan Rao Arisankala Committed by Rich Salz
Browse files

Check method before access and release ctx in error paths 



- In error paths, EVP_MD_CTX allocated by the callee is not released.
- Checking method before accessing

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 2d51c28f

crypto/asn1/a_sign.c

+8 −4
Original line number Diff line number Diff line
@@ -245,7 +245,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, 


    if (!type || !pkey) {

        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);

        return 0;

        goto err;

    }



    if (!pkey->ameth) {

        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);

        goto err;

    }



    if (pkey->ameth->item_sign) {
@@ -267,13 +272,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, 
        rv = 2;



    if (rv == 2) {

        if (!pkey->ameth ||

            !OBJ_find_sigid_by_algs(&signid,

        if (!OBJ_find_sigid_by_algs(&signid,

                                    EVP_MD_nid(type),

                                    pkey->ameth->pkey_id)) {

            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,

                    ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);

            return 0;

            goto err;

        }



        if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)