diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-03-28 00:42:17 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-03-28 00:42:17 +0000 |
commit | 4525a048ecb74f221bc9ba3ba32573f54d10c6b6 (patch) | |
tree | ca028ffa7a278580a27a59eae79da12b8f5f3e45 /crypto | |
parent | f421a52f56ebe4c4f80dd3704319aec825256118 (diff) | |
download | openssl-new-4525a048ecb74f221bc9ba3ba32573f54d10c6b6.tar.gz |
PR: 1696
Check return value if d2i_PBEPARAM().
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/pkcs12/p12_npas.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c index 47e5e9c377..2f71355150 100644 --- a/crypto/pkcs12/p12_npas.c +++ b/crypto/pkcs12/p12_npas.c @@ -120,8 +120,13 @@ static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) bags = PKCS12_unpack_p7data(p7); } else if (bagnid == NID_pkcs7_encrypted) { bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); - alg_get(p7->d.encrypted->enc_data->algorithm, - &pbe_nid, &pbe_iter, &pbe_saltlen); + if (!alg_get(p7->d.encrypted->enc_data->algorithm, + &pbe_nid, &pbe_iter, &pbe_saltlen)) + { + sk_PKCS12_SAFEBAG_pop_free(bags, + PKCS12_SAFEBAG_free); + bags = NULL; + } } else continue; if (!bags) { sk_PKCS7_pop_free(asafes, PKCS7_free); @@ -193,7 +198,9 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1; if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1))) return 0; - alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen); + if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, + &p8_saltlen)) + return 0; if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen, p8_iter, p8))) return 0; X509_SIG_free(bag->value.shkeybag); @@ -208,9 +215,11 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) p = alg->parameter->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); + if (!pbe) + return 0; *pnid = OBJ_obj2nid(alg->algorithm); *piter = ASN1_INTEGER_get(pbe->iter); *psaltlen = pbe->salt->length; PBEPARAM_free(pbe); - return 0; + return 1; } |